krb5/0107-Fix-LDAP-null-deref-on-empty-arg-CVE-2016-3119.patch

diff -rupN krb5-1.14/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c krb5-1.14-patched/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c
--- krb5-1.14/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c	2016-03-23 14:00:44.669126353 +0100
+++ krb5-1.14-patched/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c	2016-03-23 14:01:45.993680720 +0100
@@ -267,6 +267,7 @@ process_db_args(krb5_context context, ch
     if (db_args) {
         for (i=0; db_args[i]; ++i) {
             arg = strtok_r(db_args[i], "=", &arg_val);
+            arg = (arg != NULL) ? arg : "";
             if (strcmp(arg, TKTPOLICY_ARG) == 0) {
                 dptr = &xargs->tktpolicydn;
             } else {
Accepting request 378678 from home:guohouzuo:branches:network - Introduce patch 0107-Fix-LDAP-null-deref-on-empty-arg-CVE-2016-3119.patch to fix CVE-2016-3119 (bsc#971942) OBS-URL: https://build.opensuse.org/request/show/378678 OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=162 2016-03-23 13:16:38 +00:00			`diff -rupN krb5-1.14/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c krb5-1.14-patched/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c`
			`--- krb5-1.14/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c 2016-03-23 14:00:44.669126353 +0100`
			`+++ krb5-1.14-patched/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c 2016-03-23 14:01:45.993680720 +0100`
			`@@ -267,6 +267,7 @@ process_db_args(krb5_context context, ch`
			`if (db_args) {`
			`for (i=0; db_args[i]; ++i) {`
			`arg = strtok_r(db_args[i], "=", &arg_val);`
			`+ arg = (arg != NULL) ? arg : "";`
			`if (strcmp(arg, TKTPOLICY_ARG) == 0) {`
			`dptr = &xargs->tktpolicydn;`
			`} else {`