84c42d5 CVE-2019-14867: Make sure to have storage space for tag

1 file Authored by simo 4 years ago, Committed by abbra 4 years ago,
    CVE-2019-14867: Make sure to have storage space for tag
    
    ber_scanf expects a pointer to a ber_tag_t to return the tag pointed at
    by "t", if that is not provided the pointer will be stored in whatever
    memory location is pointed by the stack at that time causing a crash.
    
    It's also possible for unprivileged end users to trigger parsing of the
    krbPrincipalKey.
    
    Fixes #8071: CVE-2019-14867
    
    Reported by Todd Lipcon from Cloudera
    
    Signed-off-by: Simo Sorce <simo@redhat.com>
    Reviewed-By: Christian Heimes <cheimes@redhat.com>
    (cherry picked from commit d2e0d94521893bc5f002a335a8c0b99601e1afd6)
    (cherry picked from commit e11e73abc101361c0b66b3b958a64c9c8f6c608b)
    
        
file modified
+1 -1