oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

check for underruns

Browse Source
This commit is contained in:
Love Hornquist Astrand
2010-03-21 21:05:21 -07:00
parent d02418be27
commit 4660ec8358
1 changed files with 13 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
lib/krb5/crypto.c
View File

@@ -3144,8 +3144,14 @@ decrypt_internal(krb5_context context,
krb5_clear_error_message(context);
return KRB5_BAD_MSIZE;
}
checksum_sz = CHECKSUMSIZE(et->checksum);
if (len < checksum_sz + et->confoundersize) {
krb5_set_error_message(context, KRB5_BAD_MSIZE,
N_("Encrypted data shorter then "
"checksum + confunder", ""));
return KRB5_BAD_MSIZE;
}
p = malloc(len);
if(len != 0 && p == NULL) {
krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", ""));
@@ -3207,6 +3213,12 @@ decrypt_internal_special(krb5_context context,
krb5_clear_error_message(context);
return KRB5_BAD_MSIZE;
}
if (len < cksum_sz + et->confoundersize) {
krb5_set_error_message(context, KRB5_BAD_MSIZE,
N_("Encrypted data shorter then "
"checksum + confunder", ""));
return KRB5_BAD_MSIZE;
}
p = malloc (len);
if (p == NULL) {