From e8de24f236ed5fdfec184e5cc8b2aceae2d2ba57 Mon Sep 17 00:00:00 2001
From: Luke Howard <lukeh@padl.com>
Date: Mon, 2 Mar 2020 17:10:11 +1100
Subject: [PATCH] gss: initialize mech output parameters in mechglue

Initialize mechanism output parameters before calling mechanism
GSS_Accept_sec_context(), to behave robustly with poorly implemented mechanisms
that may return before initializing them.
---
 lib/gssapi/mech/gss_accept_sec_context.c | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)

diff --git a/lib/gssapi/mech/gss_accept_sec_context.c b/lib/gssapi/mech/gss_accept_sec_context.c
index 85d6ef826..69de22f53 100644
--- a/lib/gssapi/mech/gss_accept_sec_context.c
+++ b/lib/gssapi/mech/gss_accept_sec_context.c
@@ -161,9 +161,9 @@ gss_accept_sec_context(OM_uint32 *minor_status,
 	struct _gss_cred *cred = (struct _gss_cred *) acceptor_cred_handle;
 	struct _gss_mechanism_cred *mc;
 	gss_const_cred_id_t acceptor_mc;
-	gss_cred_id_t delegated_mc;
-	gss_name_t src_mn;
-	gss_OID mech_ret_type = NULL;
+	gss_cred_id_t delegated_mc = GSS_C_NO_CREDENTIAL;
+	gss_name_t src_mn = GSS_C_NO_NAME;
+	gss_OID mech_ret_type = GSS_C_NO_OID;
 
 	*minor_status = 0;
 	if (src_name)
@@ -229,7 +229,6 @@ gss_accept_sec_context(OM_uint32 *minor_status,
 	} else {
 		acceptor_mc = GSS_C_NO_CREDENTIAL;
 	}
-	delegated_mc = GSS_C_NO_CREDENTIAL;
 
 	mech_ret_flags = 0;
 	major_status = m->gm_accept_sec_context(minor_status,
-- 
2.11.4.GIT