krb5/krb5-1.8-api.patch

Reference docs don't define what happens if you call krb5_realm_compare() with
malformed krb5_principal structures.  Define a behavior which keeps it from
crashing if applications don't check ahead of time.

diff -up krb5-1.8/src/lib/krb5/krb/princ_comp.c.api krb5-1.8/src/lib/krb5/krb/princ_comp.c
--- krb5-1.8/src/lib/krb5/krb/princ_comp.c.api	2009-10-30 20:48:38.000000000 -0400
+++ krb5-1.8/src/lib/krb5/krb/princ_comp.c	2010-03-05 11:00:55.000000000 -0500
@@ -41,6 +41,12 @@ realm_compare_flags(krb5_context context
     const krb5_data *realm1 = krb5_princ_realm(context, princ1);
     const krb5_data *realm2 = krb5_princ_realm(context, princ2);
 
+    if ((princ1 == NULL) || (princ2 == NULL))
+        return FALSE;
+
+    if ((realm1 == NULL) || (realm2 == NULL))
+        return FALSE;
+
     if (realm1->length != realm2->length)
         return FALSE;
 
@@ -92,6 +98,9 @@ krb5_principal_compare_flags(krb5_contex
     krb5_principal upn2 = NULL;
     krb5_boolean ret = FALSE;
 
+    if ((princ1 == NULL) || (princ2 == NULL))
+        return FALSE;
+
     if (flags & KRB5_PRINCIPAL_COMPARE_ENTERPRISE) {
         /* Treat UPNs as if they were real principals */
         if (krb5_princ_type(context, princ1) == KRB5_NT_ENTERPRISE_PRINCIPAL) {