Index: src/include/k5-int.h =================================================================== --- src/include/k5-int.h (.../tags/krb5-1-6-1-final) (Revision 19540) +++ src/include/k5-int.h (.../branches/krb5-1-6) (Revision 19540) @@ -1048,9 +1048,9 @@ #define KRB5_GET_INIT_CREDS_OPT_SHADOWED 0x40000000 #define krb5_gic_opt_is_extended(s) \ - (((s)->flags & KRB5_GET_INIT_CREDS_OPT_EXTENDED) ? 1 : 0) + ((s) && ((s)->flags & KRB5_GET_INIT_CREDS_OPT_EXTENDED) ? 1 : 0) #define krb5_gic_opt_is_shadowed(s) \ - (((s)->flags & KRB5_GET_INIT_CREDS_OPT_SHADOWED) ? 1 : 0) + ((s) && ((s)->flags & KRB5_GET_INIT_CREDS_OPT_SHADOWED) ? 1 : 0) typedef struct _krb5_gic_opt_private { Index: src/appl/gssftp/ftp/cmds.c =================================================================== --- src/appl/gssftp/ftp/cmds.c (.../tags/krb5-1-6-1-final) (Revision 19540) +++ src/appl/gssftp/ftp/cmds.c (.../branches/krb5-1-6) (Revision 19540) @@ -168,9 +168,7 @@ } port = htons(iport); } -printf("%s: at line %d\n", __FILE__, __LINE__); host = hookup(argv[1], port); -printf("%s: at line %d\n", __FILE__, __LINE__); if (host) { int overbose; @@ -185,28 +183,20 @@ mode = MODE_S; stru = STRU_F; (void) strcpy(bytename, "8"), bytesize = 8; -printf("%s: at line %d\n", __FILE__, __LINE__); if (autoauth) { -printf("%s: at line %d\n", __FILE__, __LINE__); if (do_auth() && autoencrypt) { -printf("%s: at line %d\n", __FILE__, __LINE__); clevel = PROT_P; setpbsz(1<<20); if (command("PROT P") == COMPLETE) dlevel = PROT_P; else fprintf(stderr, "ftp: couldn't enable encryption\n"); -printf("%s: at line %d\n", __FILE__, __LINE__); } -printf("%s: at line %d\n", __FILE__, __LINE__); if(auth_type && clevel == PROT_C) clevel = PROT_S; -printf("%s: at line %d\n", __FILE__, __LINE__); if(autologin) (void) login(argv[1]); -printf("%s: at line %d\n", __FILE__, __LINE__); } -printf("%s: at line %d\n", __FILE__, __LINE__); #ifndef unix /* sigh */ @@ -221,7 +211,6 @@ * this ifdef is to keep someone form "porting" this to an incompatible * system and not checking this out. This way they have to think about it. */ -printf("%s: at line %d\n", __FILE__, __LINE__); overbose = verbose; if (debug == 0) verbose = -1; Index: src/lib/krb5/krb/gc_frm_kdc.c =================================================================== --- src/lib/krb5/krb/gc_frm_kdc.c (.../tags/krb5-1-6-1-final) (Revision 19540) +++ src/lib/krb5/krb/gc_frm_kdc.c (.../branches/krb5-1-6) (Revision 19540) @@ -1043,6 +1043,7 @@ krb5_free_creds(context, (*tgts)[i]); } free(*tgts); + *tgts = NULL; } context->use_conf_ktypes = 1; retval = krb5_cc_retrieve_cred(context, ccache, RETR_FLAGS, Index: src/lib/krb5/krb/gic_opt.c =================================================================== --- src/lib/krb5/krb/gic_opt.c (.../tags/krb5-1-6-1-final) (Revision 19540) +++ src/lib/krb5/krb/gic_opt.c (.../branches/krb5-1-6) (Revision 19540) @@ -206,8 +206,18 @@ oe = krb5int_gic_opte_alloc(context); if (NULL == oe) return ENOMEM; - memcpy(oe, opt, sizeof(*opt)); - /* Fix these -- overwritten by the copy */ + + if (opt) + memcpy(oe, opt, sizeof(*opt)); + + /* + * Fix the flags -- the EXTENDED flag would have been + * overwritten by the copy if there was one. The + * SHADOWED flag is necessary to ensure that the + * krb5_gic_opt_ext structure that was allocated + * here will be freed by the library because the + * application is unaware of its existence. + */ oe->flags |= ( KRB5_GET_INIT_CREDS_OPT_EXTENDED | KRB5_GET_INIT_CREDS_OPT_SHADOWED); Index: src/util/profile/prof_parse.c =================================================================== --- src/util/profile/prof_parse.c (.../tags/krb5-1-6-1-final) (Revision 19540) +++ src/util/profile/prof_parse.c (.../branches/krb5-1-6) (Revision 19540) @@ -306,8 +306,10 @@ */ static int need_double_quotes(char *str) { - if (!str || !*str) - return 0; + if (!str) + return 0; + if (*str) + return 1; if (isspace((int) (*str)) ||isspace((int) (*(str + strlen(str) - 1)))) return 1; if (strchr(str, '\n') || strchr(str, '\t') || strchr(str, '\b'))