From 090c81be6c8693a6dbb979c67cea7f34ab9554ab Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze@samba.org>
Date: Fri, 2 Mar 2012 22:00:59 +0100
Subject: [PATCH] TODO all s4:auth/gensec_gssapi: add NT_STATUS_NO_MEMORY
 checks

metze
---
 source4/auth/gensec/gensec_gssapi.c | 28 ++++++++++++++++++++++------
 1 file changed, 22 insertions(+), 6 deletions(-)

diff --git a/source4/auth/gensec/gensec_gssapi.c b/source4/auth/gensec/gensec_gssapi.c
index a61b2b2659cb..506af56170d5 100644
--- a/source4/auth/gensec/gensec_gssapi.c
+++ b/source4/auth/gensec/gensec_gssapi.c
@@ -451,6 +451,8 @@ static NTSTATUS gensec_gssapi_update_internal(struct gensec_security *gensec_sec
 	input_token.length = in.length;
 	input_token.value = in.data;
 
+	*out = data_blob_null;
+
 	switch (gensec_gssapi_state->sasl_state) {
 	case STAGE_GSS_NEG:
 	{
@@ -660,9 +662,16 @@ init_sec_context_done:
 		gensec_gssapi_state->gss_exchange_count++;
 
 		if (maj_stat == GSS_S_COMPLETE) {
-			*out = data_blob_talloc(out_mem_ctx, output_token.value, output_token.length);
-			gss_release_buffer(&min_stat2, &output_token);
-			
+			if (output_token.length) {
+				*out = data_blob_talloc(out_mem_ctx,
+							output_token.value,
+							output_token.length);
+				gss_release_buffer(&min_stat2, &output_token);
+				if (out->data == NULL) {
+					return NT_STATUS_NO_MEMORY;
+				}
+			}
+
 			if (gensec_gssapi_state->gss_got_flags & GSS_C_DELEG_FLAG &&
 			    gensec_gssapi_state->delegated_cred_handle != GSS_C_NO_CREDENTIAL) {
 				DEBUG(5, ("gensec_gssapi: credentials were delegated\n"));
@@ -692,9 +701,16 @@ init_sec_context_done:
 				return NT_STATUS_OK;
 			}
 		} else if (maj_stat == GSS_S_CONTINUE_NEEDED) {
-			*out = data_blob_talloc(out_mem_ctx, output_token.value, output_token.length);
-			gss_release_buffer(&min_stat2, &output_token);
-			
+			if (output_token.length) {
+				*out = data_blob_talloc(out_mem_ctx,
+							output_token.value,
+							output_token.length);
+				gss_release_buffer(&min_stat2, &output_token);
+				if (out->data == NULL) {
+					return NT_STATUS_NO_MEMORY;
+				}
+			}
+
 			return NT_STATUS_MORE_PROCESSING_REQUIRED;
 		} else if (maj_stat == GSS_S_CONTEXT_EXPIRED) {
 			gss_cred_id_t creds = NULL;
-- 
2.34.1