zeroAndReleasePassword must be called with non-NULL buffer

author Luke Howard <lukeh@padl.com>

Mon, 2 Dec 2013 06:09:03 +0000 (17:09 +1100)

committer Kevin Wasserman <kevin.wasserman@painless-security.com>

Thu, 19 Dec 2013 17:17:56 +0000 (12:17 -0500)
author Luke Howard <lukeh@padl.com>
Mon, 2 Dec 2013 06:09:03 +0000 (17:09 +1100)
committer Kevin Wasserman <kevin.wasserman@painless-security.com>
Thu, 19 Dec 2013 17:17:56 +0000 (12:17 -0500)
diff --git a/mech_eap/util_cred.c b/mech_eap/util_cred.c

index 487aa47..06bea24 100644 (file)
--- a/mech_eap/util_cred.c
+++ b/mech_eap/util_cred.c
@@ -72,6 +72,8 @@ gssEapAllocCred(OM_uint32 *minor, gss_cred_id_t *pCred)
  static void
  zeroAndReleasePassword(gss_buffer_t password)
  {
+    GSSEAP_ASSERT(password != GSS_C_NO_BUFFER);
+
      if (password->value != NULL) {
          memset(password->value, 0, password->length);
          GSSEAP_FREE(password->value);
author	Luke Howard <lukeh@padl.com>
	Mon, 2 Dec 2013 06:09:03 +0000 (17:09 +1100)
committer	Kevin Wasserman <kevin.wasserman@painless-security.com>
	Thu, 19 Dec 2013 17:17:56 +0000 (12:17 -0500)