oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

krb5: Limit AP-REQs to 1MB in krb5_recvauth*()

Browse Source
This commit is contained in:
Nicolas Williams
2023-01-04 02:03:12 -06:00
parent 1d06e8fcb9
commit 6b2e65592d
1 changed files with 5 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
lib/krb5/recvauth.c
View File

@@ -160,6 +160,11 @@ krb5_recvauth_match_version(krb5_context context,
return KRB5_SENDAUTH_BADAPPLVERS; return KRB5_SENDAUTH_BADAPPLVERS;
} }
len = ntohl(len); len = ntohl(len);
if (len > 1024 * 1024) {
krb5_set_error_message(context, ret = KRB5_SENDAUTH_REJECTED,
"AP-REQ too long");
return ret;
}
her_appl_version = malloc (len); her_appl_version = malloc (len);
if (her_appl_version == NULL) { if (her_appl_version == NULL) {
repl = 2; repl = 2;