authorJasper Lievisse Adriaanse <jasper@cvs.openbsd.org>2010-03-28 20:28:18 +0000
committerJasper Lievisse Adriaanse <jasper@cvs.openbsd.org>2010-03-28 20:28:18 +0000
commite2c630159c40548728c6246d7c2958b6af543a45 (patch)
treec2df6450a7032ab6dbb731ffd054749c00e19d21
parentff3cc83262d602dbc6c2b1274d24f4f1a9dae1cd (diff)
- add another check in decrypt_internal_special()
prompted by miod@ ok miod@ deraadt@
-rw-r--r--kerberosV/src/lib/krb5/crypto.c6
1 files changed, 6 insertions, 0 deletions
diff --git a/kerberosV/src/lib/krb5/crypto.c b/kerberosV/src/lib/krb5/crypto.c
index 94e87d5c769..f82732052db 100644
--- a/kerberosV/src/lib/krb5/crypto.c
+++ b/kerberosV/src/lib/krb5/crypto.c
@@ -3603,6 +3603,12 @@ decrypt_internal_special(krb5_context context,
return KRB5_BAD_MSIZE;
}
+ if (len < cksum_sz + et->confoundersize) {
+ krb5_set_error_string(context, "Encrypted data shorter then "
+ "checksum + confunder");
+ return KRB5_BAD_MSIZE;
+ }
+
p = malloc (len);
if (p == NULL) {
krb5_set_error_string(context, "malloc: out of memory");
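Review bot: The message in the added `krb5_set_error_string` call misspells two words ("then", "confunder"), which makes the one diagnostic for a truncated ciphertext harder to grep for in logs; `"Encrypted data shorter than checksum + confounder"` reads correctly. The guard also has no comment, and a line such as `/* reject input too short to hold checksum and confounder */` above the `if` would record why it has to run before the buffer is allocated and parsed. Presumably later code subtracts these sizes from `len`, so a short input would wrap the length, but that code and the rest of decrypt_internal_special lie outside the hunk. The types of `len`, `cksum_sz` and `et->confoundersize` are not visible here either; if any of them is signed, the comparison needs a second look.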