From af2ea417dadc1b5391b6d1c9b2d54fdcea690265 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@cryptomilk.org>
Date: Mon, 28 Oct 2019 14:16:11 +0100
Subject: [PATCH] SSH-01-006: Add missing NULL check in
 ssh_gssapi_handle_userauth()

Fixes T193

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
---
 src/gssapi.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/src/gssapi.c b/src/gssapi.c
index 7f78c04d..9a32fa90 100644
--- a/src/gssapi.c
+++ b/src/gssapi.c
@@ -235,6 +235,10 @@ int ssh_gssapi_handle_userauth(ssh_session session, const char *user, uint32_t n
     for (i=0 ; i< n_oid ; ++i){
         unsigned char *oid_s = (unsigned char *) ssh_string_data(oids[i]);
         size_t len = ssh_string_len(oids[i]);
+
+        if (oid_s == NULL) {
+            continue;
+        }
         if(len < 2 || oid_s[0] != SSH_OID_TAG || ((size_t)oid_s[1]) != len - 2){
             SSH_LOG(SSH_LOG_WARNING,"GSSAPI: received invalid OID");
             continue;