From 6217454323b39cedb1b03ac161ecb0ade3ad84e6 Mon Sep 17 00:00:00 2001
From: Greg Hudson <[email protected]>
Date: Sun, 20 Oct 2024 02:09:26 -0400
Subject: [PATCH] Allow null keyblocks in IOV checksum functions

Null keyblocks are allowed by the libk5crypto checksum functions when
the checksum type is not keyed.  However, krb5_c_make_checksum_iov()
and krb5_c_verify_checksum_iov() crash on null keyblock inputs because
they do not check before converting to krb5_key as their non-IOV
variants do.  Add the missing null checks.

ticket: 9146 (new)
---
 src/lib/crypto/krb/make_checksum_iov.c   | 10 ++++++----
 src/lib/crypto/krb/verify_checksum_iov.c | 10 ++++++----
 2 files changed, 12 insertions(+), 8 deletions(-)

diff --git a/src/lib/crypto/krb/make_checksum_iov.c b/src/lib/crypto/krb/make_checksum_iov.c
index 549180d..84e98b1 100644
--- a/src/lib/crypto/krb/make_checksum_iov.c
+++ b/src/lib/crypto/krb/make_checksum_iov.c
@@ -81,12 +81,14 @@ krb5_c_make_checksum_iov(krb5_context context,
                          krb5_crypto_iov *data,
                          size_t num_data)
 {
-    krb5_key key;
+    krb5_key key = NULL;
     krb5_error_code ret;
 
-    ret = krb5_k_create_key(context, keyblock, &key);
-    if (ret != 0)
-        return ret;
+    if (keyblock != NULL) {
+        ret = krb5_k_create_key(context, keyblock, &key);
+        if (ret != 0)
+            return ret;
+    }
     ret = krb5_k_make_checksum_iov(context, cksumtype, key, usage,
                                    data, num_data);
     krb5_k_free_key(context, key);
diff --git a/src/lib/crypto/krb/verify_checksum_iov.c b/src/lib/crypto/krb/verify_checksum_iov.c
index fc76c0e..47a25a9 100644
--- a/src/lib/crypto/krb/verify_checksum_iov.c
+++ b/src/lib/crypto/krb/verify_checksum_iov.c
@@ -88,12 +88,14 @@ krb5_c_verify_checksum_iov(krb5_context context,
                            size_t num_data,
                            krb5_boolean *valid)
 {
-    krb5_key key;
+    krb5_key key = NULL;
     krb5_error_code ret;
 
-    ret = krb5_k_create_key(context, keyblock, &key);
-    if (ret != 0)
-        return ret;
+    if (keyblock != NULL) {
+        ret = krb5_k_create_key(context, keyblock, &key);
+        if (ret != 0)
+            return ret;
+    }
     ret = krb5_k_verify_checksum_iov(context, checksum_type, key, usage, data,
                                      num_data, valid);
     krb5_k_free_key(context, key);
-- 
2.43.0