oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

krb5_decrypt_iov_ivec: Make sure const zero IV is actually const.

Browse Source 
This way if anything _does_ write to it, it has the opportunity to be
caught by SIGSEGV, by having zero_ivec in a .rodata segment mapped
read-only.

fix https://github.com/heimdal/heimdal/issues/1135
This commit is contained in:
Taylor R Campbell
2023-05-28 20:08:15 +00:00
committed by Nico Williams
parent 1b954faeeb
commit ca1200df03
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
lib/krb5/crypto.c
View File

@@ -1922,13 +1922,13 @@ krb5_decrypt_iov_ivec(krb5_context context,
goto cleanup;
} else {
krb5_data ivec_data;
static unsigned char zero_ivec[EVP_MAX_IV_LENGTH];
static const unsigned char zero_ivec[EVP_MAX_IV_LENGTH];
heim_assert(et->blocksize <= sizeof(zero_ivec),
"blocksize too big for ivec buffer");
ivec_data.length = et->blocksize;
ivec_data.data = ivec ? ivec : zero_ivec;
ivec_data.data = ivec ? ivec : rk_UNCONST(zero_ivec);
ret = iov_coalesce(context, &ivec_data, data, num_data, TRUE, &sign_data);
if(ret)