Switch to 1.11 backport of the CVE-2013-1418 patch

krb5-CVE-2013-1418.patch

@@ -1,8 +1,6 @@
-Adjusted to apply to 1.11.3.
-
-commit 5d2d9a1abe46a2c1a8614d4672d08d9d30a5f8bf
+commit 05c544eef3633b774ca38154ba4c2bf3416b471b
 Author: Tom Yu <tlyu@mit.edu>
-Date:   Mon Nov 4 13:44:29 2013 -0500
+Date:   Mon Nov 4 15:33:09 2013 -0500
 
     Multi-realm KDC null deref [CVE-2013-1418]
     
@@ -15,21 +13,23 @@ Date:   Mon Nov 4 13:44:29 2013 -0500
     exploit, and is only present if a third-party KDC database module can
     dereference a null pointer under certain conditions.
     
-    ticket: 7755 (new)
-    target_version: 1.12
-    tags: pullup
+    (back ported from commit 5d2d9a1abe46a2c1a8614d4672d08d9d30a5f8bf)
+    
+    ticket: 7756 (new)
+    version_fixed: 1.11.4
+    status: resolved
 
 diff --git a/src/kdc/main.c b/src/kdc/main.c
-index 0f5961a..a7ffe63 100644
+index 1624046..8a085a2 100644
 --- a/src/kdc/main.c
 +++ b/src/kdc/main.c
-@@ -124,6 +124,9 @@ setup_server_realm(struct server_handle *handle, krb5_principal sprinc)
-     kdc_realm_t **kdc_realmlist = handle->kdc_realmlist;
+@@ -125,6 +125,9 @@ setup_server_realm(struct server_handle *handle, krb5_principal sprinc)
      int kdc_numrealms = handle->kdc_numrealms;
  
+     kret = 0;
 +    if (sprinc == NULL)
 +        return NULL;
 +
-     kret = 0;
      if (kdc_numrealms > 1) {
          if (!(newrealm = find_realm_data(handle, sprinc->realm.data,
+                                          (krb5_ui_4) sprinc->realm.length)))