From 5b372d7015553a0ab9523999184124fa9d6555e7 Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet@samba.org>
Date: Thu, 8 Mar 2012 16:15:09 +1100
Subject: auth/kerberos: Ensure we do not print invalid memory in failure case

This codeblock may not have any set->elements, so we should not print them.  Copy&paste in the original code.

Andrew Bartlett
---
 auth/kerberos/gssapi_pac.c | 5 +----
 1 file changed, 1 insertion(+), 4 deletions(-)

(limited to 'auth/kerberos')

diff --git a/auth/kerberos/gssapi_pac.c b/auth/kerberos/gssapi_pac.c
index d0de11efdf2..8a4d8c3be14 100644
--- a/auth/kerberos/gssapi_pac.c
+++ b/auth/kerberos/gssapi_pac.c
@@ -209,10 +209,7 @@ NTSTATUS gssapi_get_session_key(TALLOC_CTX *mem_ctx,
 		krb5_free_keyblock(NULL /* should be krb5_context */, subkey);
 		return NT_STATUS_OK;
 #else
-		DEBUG(0, ("gss_inquire_sec_context_by_oid returned unknown "
-			  "OID for data in results:\n"));
-		dump_data(1, (uint8_t *)set->elements[1].value,
-			     set->elements[1].length);
+		DEBUG(0, ("gss_inquire_sec_context_by_oid didn't return any session key (and no alternative method available)\n"));
 		return NT_STATUS_NO_USER_SESSION_KEY;
 #endif
 	}
-- 
cgit v1.2.1