(process_reply): fix reply length check calculation (reported by

various people)


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@11473 ec53bebd-3082-4978-b11e-865c3cabbd6b
Johan Danielsson
2002-09-29 11:48:34 +00:00
parent 2cf4b93b21
commit 77c4778b71


@@ -175,7 +175,7 @@ process_reply (krb5_context context,
ap_rep_data.length = (reply[4] << 8) | (reply[5]);
priv_data.data = (u_char*)ap_rep_data.data + ap_rep_data.length;
priv_data.length = len - ap_rep_data.length - 6;
if ((u_char *)priv_data.data + priv_data.length >= reply + len)
if ((u_char *)priv_data.data + priv_data.length > reply + len)
return KRB5_KPASSWD_MALFORMED;
if (ap_rep_data.length) {
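Review bot: The corrected comparison `if ((u_char *)priv_data.data + priv_data.length > reply + len)` cannot reject an oversized AP-REP length. `priv_data.length` is derived as `len - ap_rep_data.length - 6`, so the sum on the left always equals `reply + len` (assuming `ap_rep_data.data` is `reply + 6`, as the `- 6` suggests). `ap_rep_data.length` comes straight from bytes 4 and 5 of the network reply, so a value above `len - 6` makes `priv_data.length` wrap if it is an unsigned size, and later code would then work with a length that runs past the buffer. Validate the field before deriving the pointers, e.g. `if (len < 6 || ap_rep_data.length > len - 6) return KRB5_KPASSWD_MALFORMED;`, unless a check outside this hunk already guarantees it. process_reply starts and ends outside the hunk, so confirm the type of `len` and any earlier length checks there.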