s4:kdc: Don't pass a NULL pointer into krb5_pac_add_buffer()

Heimdal contains an assertion that the data pointer is not NULL. We need
to pass in a pointer to some dummy data instead.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit 47ef49fd91f050ce4a79a8471b3e66c808f48752)

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15476

diff --git a/source4/kdc/pac-glue.c b/source4/kdc/pac-glue.c
index 6692619065bc0728ece9bf4b7bde4819c819e3ee..2b9553588b3e0881f0986510fe7383092a590846 100644 (file)
--- a/source4/kdc/pac-glue.c
+++ b/source4/kdc/pac-glue.c
@@ -1827,6 +1827,9 @@ krb5_error_code samba_kdc_update_pac(TALLOC_CTX *mem_ctx,
                DATA_BLOB type_blob = data_blob_null;
                uint32_t type;
 
+               static char null_byte = '\0';
+               const krb5_data null_data = smb_krb5_make_data(&null_byte, 0);
+
                if (forced_next_type != 0) {
                        /*
                         * We need to inject possible missing types
@@ -1986,10 +1989,14 @@ krb5_error_code samba_kdc_update_pac(TALLOC_CTX *mem_ctx,
                        }
                }
 
+               /*
+                * Passing a NULL pointer into krb5_pac_add_buffer() is
+                * not allowed, so pass null_data instead if needed.
+                */
                code = krb5_pac_add_buffer(context,
                                           new_pac,
                                           type,
-                                          &type_data);
+                                          (type_data.data != NULL) ? &type_data : &null_data);
                smb_krb5_free_data_contents(context, &type_data);
                if (code != 0) {
                        goto done;