When running pkcs11_inspect from the pam_pkcs11 0.6.13 package, it crashes in the openssh mapper in the following way:
```
$ /usr/lib/pam_pkcs11/pkcs11_inspect
PIN for token:
DEBUG:/builds/jdambors/pam_pkcs11/components/pam_pkcs11/pam_pkcs11-0.6.13/src/mappers/openssh_mapper.c:402: OpenSSH mapper started. debug: 1, mapfile: /etc/security/pam_pkcs11/authorized_keys
Printing data for mapper cn:
PIVKey 59AC15C45B7442498B342B22B71CC0BE
Printing data for mapper subject:
/CN=PIVKey 59AC15C45B7442498B342B22B71CC0BE
DEBUG:/builds/jdambors/pam_pkcs11/components/pam_pkcs11/pam_pkcs11-0.6.13/src/common/cert_info.c:477: Trying to find an email in certificate
DEBUG:/builds/jdambors/pam_pkcs11/components/pam_pkcs11/pam_pkcs11-0.6.13/src/common/cert_info.c:480: No alternate name(s) in certificate
DEBUG:/builds/jdambors/pam_pkcs11/components/pam_pkcs11/pam_pkcs11-0.6.13/src/common/cert_info.c:764: Public key is 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC61OZdoVLU3BIfwc2IJUkgdGDIfhb7TUESJgPukHevMJHcxqb9JIplPEAxHz393AkfdG8bWAXoJBZy4VjcIQw+OmHebFMppNbzTvoCJQeLMjNw+ESYuiulRpH4pUJ1n1oEx0OKZ/BeTCXqnscAT9tZk6ynZhtwslZJ6cWdz6DN1oEAO35+EQZGLzYf67V+DEN6VXjtlE5r3XzWayoi3YoPKTL5xBSyN+MOnb/2WKCK96BzSKKogUdjYQ+cypW+ujaYBu/NI5QsSu3gZFMBwmnkXPGjJTYZ+pyQI8A7ZHPzh4ouyMs1JhVk86AipbDhEmGky0oC3oF3O7JhRwBXYbnH'
Segmentation Fault
$
```
As the debug output from the openssh mapper indicates, there is no e-mail in the certificate. In such a case, cert_info_email() returns NULL, which is subsequently assigned to maillist in cert_info_sshpuk(). cert_info_sshpuk() then later calls free_entries(maillist), which leads to the crash, since free_entries() does not verify that it is supplied with a valid pointer.
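The failure pattern described in this report, as an added example that is not pam_pkcs11 source code: a lookup that returns NULL for "no entries" feeding a cleanup routine that dereferences its argument, next to a NULL-guarded cleanup. All function names and the NULL-terminated list layout are assumptions made for illustration.

```c
#include <stdlib.h>
#include <string.h>

/* Constructed model, not pam_pkcs11 source: entry lists are NULL-terminated
 * arrays of heap strings, and the lookup returns NULL when nothing is found. */
char **model_find_emails(const char *san_email) {
    if (san_email == NULL)
        return NULL;               /* "No alternate name(s) in certificate" */
    char **list = calloc(2, sizeof *list);
    if (list == NULL)
        return NULL;
    list[0] = malloc(strlen(san_email) + 1);
    if (list[0] == NULL) { free(list); return NULL; }
    strcpy(list[0], san_email);
    return list;                   /* list[1] is the NULL terminator */
}

/* Unguarded cleanup: reads entries[0] immediately, so a NULL list faults. */
int free_entries_unguarded(char **entries) {
    int n = 0;
    for (char **p = entries; *p != NULL; p++, n++)
        free(*p);
    free(entries);
    return n;
}

/* Guarded cleanup: a NULL list is a valid "nothing to free" input. */
int free_entries_guarded(char **entries) {
    if (entries == NULL)
        return 0;
    return free_entries_unguarded(entries);
}

/* Models the caller: fetch the e-mail list, use it, then clean up.
 * Returns the number of entries released. */
int model_sshpuk_cleanup(const char *san_email) {
    char **maillist = model_find_emails(san_email);
    /* ... the public-key string would be built here ... */
    return free_entries_guarded(maillist);
}

int main(void) {
    /* Certificate without an e-mail: cleanup must be a no-op, not a crash. */
    return model_sshpuk_cleanup(NULL) == 0 &&
           model_sshpuk_cleanup("user@example.test") == 1 ? 0 : 1;
}
```

Placing the guard in the cleanup routine covers every caller; checking only at the one call site leaves other paths that pass a NULL list exposed to the same fault.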