oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

use ASN1_MALLOC_ENCODE

Browse Source 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@11372 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Johan Danielsson
2002-09-04 16:26:05 +00:00
parent c93497a2e8
commit ddc308c36f
11 changed files with 104 additions and 319 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
lib/krb5/build_ap_req.c
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright (c) 1997 - 2001 Kungliga Tekniska H<>gskolan * Copyright (c) 1997 - 2002 Kungliga Tekniska H<>gskolan
* (Royal Institute of Technology, Stockholm, Sweden). * (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved. * All rights reserved.
* *
@@ -66,15 +66,10 @@ krb5_build_ap_req (krb5_context context,
ap.authenticator.kvno = NULL; ap.authenticator.kvno = NULL;
ap.authenticator.cipher = authenticator; ap.authenticator.cipher = authenticator;
retdata->length = length_AP_REQ(&ap); ASN1_MALLOC_ENCODE(AP_REQ, retdata->data, retdata->length,
retdata->data = malloc(retdata->length); &ap, &len, ret);
if(retdata->data == NULL) {
krb5_set_error_string(context, "malloc: out of memory");
ret = ENOMEM;
} else
encode_AP_REQ((unsigned char *)retdata->data + retdata->length - 1,
retdata->length, &ap, &len);
free_AP_REQ(&ap); free_AP_REQ(&ap);
return ret; return ret;
} }

16
lib/krb5/build_auth.c
View File

@@ -92,22 +92,10 @@ krb5_build_authenticator (krb5_context context,
auth_context->authenticator->cusec = auth->cusec; auth_context->authenticator->cusec = auth->cusec;
} }
buf_size = length_Authenticator(auth); ASN1_MALLOC_ENCODE(Authenticator, buf, buf_size, auth, &len, ret);
buf = malloc (buf_size);
if (buf == NULL) {
krb5_set_error_string(context, "malloc: out of memory");
ret = ENOMEM;
goto fail;
}
ret = krb5_encode_Authenticator (context, if (ret)
buf + buf_size - 1,
buf_size,
auth, &len);
if (ret) {
krb5_set_error_string(context, "internal error in ASN.1 encoder");
goto fail; goto fail;
}
ret = krb5_crypto_init(context, &cred->session, enctype, &crypto); ret = krb5_crypto_init(context, &cred->session, enctype, &crypto);
if (ret) if (ret)

78
lib/krb5/get_cred.c
View File

@@ -54,36 +54,14 @@ make_pa_tgs_req(krb5_context context,
krb5_data in_data; krb5_data in_data;
krb5_error_code ret; krb5_error_code ret;
buf_size = 1024; ASN1_MALLOC_ENCODE(KDC_REQ_BODY, buf, buf_size, body, &len, ret);
buf = malloc (buf_size); if (ret)
if (buf == NULL) { goto out;
krb5_set_error_string(context, "malloc: out of memory"); if(buf_size != len)
return ENOMEM; krb5_abortx(context, "internal error in ASN.1 encoder");
}
do {
ret = encode_KDC_REQ_BODY(buf + buf_size - 1, buf_size,
body, &len);
if (ret){
if (ret == ASN1_OVERFLOW) {
u_char *tmp;
buf_size *= 2;
tmp = realloc (buf, buf_size);
if (tmp == NULL) {
krb5_set_error_string(context, "malloc: out of memory");
ret = ENOMEM;
goto out;
}
buf = tmp;
} else {
goto out;
}
}
} while (ret == ASN1_OVERFLOW);
in_data.length = len; in_data.length = len;
in_data.data = buf + buf_size - len; in_data.data = buf;
ret = krb5_mk_req_internal(context, &ac, 0, &in_data, creds, ret = krb5_mk_req_internal(context, &ac, 0, &in_data, creds,
&padata->padata_value, &padata->padata_value,
KRB5_KU_TGS_REQ_AUTH_CKSUM, KRB5_KU_TGS_REQ_AUTH_CKSUM,
@@ -113,18 +91,9 @@ set_auth_data (krb5_context context,
krb5_crypto crypto; krb5_crypto crypto;
krb5_error_code ret; krb5_error_code ret;
len = length_AuthorizationData(authdata); ASN1_MALLOC_ENCODE(AuthorizationData, buf, len, authdata, &len, ret);
buf = malloc(len); if (ret)
if (buf == NULL) {
krb5_set_error_string(context, "malloc: out of memory");
return ENOMEM;
}
ret = encode_AuthorizationData(buf + len - 1,
len, authdata, &len);
if (ret) {
free (buf);
return ret; return ret;
}
ALLOC(req_body->enc_authorization_data, 1); ALLOC(req_body->enc_authorization_data, 1);
if (req_body->enc_authorization_data == NULL) { if (req_body->enc_authorization_data == NULL) {
@@ -434,34 +403,11 @@ get_cred_kdc_usage(krb5_context context,
if (ret) if (ret)
goto out; goto out;
buf_size = 1024; ASN1_MALLOC_ENCODE(TGS_REQ, buf, buf_size, &req, &enc.length, ret);
buf = malloc (buf_size); if (ret)
if (buf == NULL) {
krb5_set_error_string(context, "malloc: out of memory");
ret = ENOMEM;
goto out; goto out;
} if(enc.length != buf_size)
krb5_abortx(context, "internal error in ASN.1 encoder");
do {
ret = encode_TGS_REQ (buf + buf_size - 1, buf_size,
&req, &enc.length);
if (ret) {
if (ret == ASN1_OVERFLOW) {
u_char *tmp;
buf_size *= 2;
tmp = realloc (buf, buf_size);
if (tmp == NULL) {
krb5_set_error_string(context, "malloc: out of memory");
ret = ENOMEM;
goto out;
}
buf = tmp;
} else {
goto out;
}
}
} while (ret == ASN1_OVERFLOW);
/* don't free addresses */ /* don't free addresses */
req.req_body.addresses = NULL; req.req_body.addresses = NULL;

28
lib/krb5/get_for_creds.c
View File

@@ -162,7 +162,8 @@ krb5_get_forwarded_creds (krb5_context context,
KrbCredInfo *krb_cred_info; KrbCredInfo *krb_cred_info;
EncKrbCredPart enc_krb_cred_part; EncKrbCredPart enc_krb_cred_part;
size_t len; size_t len;
u_char buf[1024]; unsigned char *buf;
size_t buf_size;
int32_t sec, usec; int32_t sec, usec;
krb5_kdc_flags kdc_flags; krb5_kdc_flags kdc_flags;
krb5_crypto crypto; krb5_crypto crypto;
@@ -320,14 +321,15 @@ krb5_get_forwarded_creds (krb5_context context,
/* encode EncKrbCredPart */ /* encode EncKrbCredPart */
ret = krb5_encode_EncKrbCredPart (context, ASN1_MALLOC_ENCODE(EncKrbCredPart, buf, buf_size,
buf + sizeof(buf) - 1, sizeof(buf), &enc_krb_cred_part, &len, ret);
&enc_krb_cred_part, &len);
free_EncKrbCredPart (&enc_krb_cred_part); free_EncKrbCredPart (&enc_krb_cred_part);
if (ret) { if (ret) {
free_KRB_CRED(&cred); free_KRB_CRED(&cred);
return ret; return ret;
} }
if(buf_size != len)
krb5_abortx(context, "internal error in ASN.1 encoder");
if (auth_context->local_subkey) if (auth_context->local_subkey)
key = auth_context->local_subkey; key = auth_context->local_subkey;
@@ -338,34 +340,32 @@ krb5_get_forwarded_creds (krb5_context context,
ret = krb5_crypto_init(context, key, 0, &crypto); ret = krb5_crypto_init(context, key, 0, &crypto);
if (ret) { if (ret) {
free(buf);
free_KRB_CRED(&cred); free_KRB_CRED(&cred);
return ret; return ret;
} }
ret = krb5_encrypt_EncryptedData (context, ret = krb5_encrypt_EncryptedData (context,
crypto, crypto,
KRB5_KU_KRB_CRED, KRB5_KU_KRB_CRED,
buf + sizeof(buf) - len, buf,
len, len,
0, 0,
&cred.enc_part); &cred.enc_part);
free(buf);
krb5_crypto_destroy(context, crypto); krb5_crypto_destroy(context, crypto);
if (ret) { if (ret) {
free_KRB_CRED(&cred); free_KRB_CRED(&cred);
return ret; return ret;
} }
ret = encode_KRB_CRED (buf + sizeof(buf) - 1, sizeof(buf), ASN1_MALLOC_ENCODE(KRB_CRED, buf, buf_size, &cred, &len, ret);
&cred, &len);
free_KRB_CRED (&cred); free_KRB_CRED (&cred);
if (ret) if (ret)
return ret; return ret;
if(buf_size != len)
krb5_abortx(context, "internal error in ASN.1 encoder");
out_data->length = len; out_data->length = len;
out_data->data = malloc(len); out_data->data = buf;
if (out_data->data == NULL) {
krb5_set_error_string(context, "malloc: out of memory");
return ENOMEM;
}
memcpy (out_data->data, buf + sizeof(buf) - len, len);
return 0; return 0;
out4: out4:
free_EncKrbCredPart(&enc_krb_cred_part); free_EncKrbCredPart(&enc_krb_cred_part);

65
lib/krb5/get_in_tkt.c
View File

@@ -158,22 +158,12 @@ _krb5_extract_ticket(krb5_context context,
creds->client = tmp_principal; creds->client = tmp_principal;
/* extract ticket */ /* extract ticket */
{ ASN1_MALLOC_ENCODE(Ticket, creds->ticket.data, creds->ticket.length,
unsigned char *buf; &rep->kdc_rep.ticket, &creds->ticket.length, ret);
size_t len; if(ret)
len = length_Ticket(&rep->kdc_rep.ticket); goto out;
buf = malloc(len); creds->second_ticket.length = 0;
if(buf == NULL) { creds->second_ticket.data = NULL;
krb5_set_error_string(context, "malloc: out of memory");
ret = ENOMEM;
goto out;
}
encode_Ticket(buf + len - 1, len, &rep->kdc_rep.ticket, &len);
creds->ticket.data = buf;
creds->ticket.length = len;
creds->second_ticket.length = 0;
creds->second_ticket.data = NULL;
}
/* compare server */ /* compare server */
@@ -315,7 +305,8 @@ make_pa_enc_timestamp(krb5_context context, PA_DATA *pa,
krb5_enctype etype, krb5_keyblock *key) krb5_enctype etype, krb5_keyblock *key)
{ {
PA_ENC_TS_ENC p; PA_ENC_TS_ENC p;
u_char buf[1024]; unsigned char *buf;
size_t buf_size;
size_t len; size_t len;
EncryptedData encdata; EncryptedData encdata;
krb5_error_code ret; krb5_error_code ret;
@@ -328,39 +319,37 @@ make_pa_enc_timestamp(krb5_context context, PA_DATA *pa,
usec2 = usec; usec2 = usec;
p.pausec = &usec2; p.pausec = &usec2;
ret = encode_PA_ENC_TS_ENC(buf + sizeof(buf) - 1, ASN1_MALLOC_ENCODE(PA_ENC_TS_ENC, buf, buf_size, &p, &len, ret);
sizeof(buf),
&p,
&len);
if (ret) if (ret)
return ret; return ret;
if(buf_size != len)
krb5_abortx(context, "internal error in ASN.1 encoder");
ret = krb5_crypto_init(context, key, 0, &crypto); ret = krb5_crypto_init(context, key, 0, &crypto);
if (ret) if (ret) {
free(buf);
return ret; return ret;
}
ret = krb5_encrypt_EncryptedData(context, ret = krb5_encrypt_EncryptedData(context,
crypto, crypto,
KRB5_KU_PA_ENC_TIMESTAMP, KRB5_KU_PA_ENC_TIMESTAMP,
buf + sizeof(buf) - len, buf,
len, len,
0, 0,
&encdata); &encdata);
free(buf);
krb5_crypto_destroy(context, crypto); krb5_crypto_destroy(context, crypto);
if (ret) if (ret)
return ret; return ret;
ret = encode_EncryptedData(buf + sizeof(buf) - 1, ASN1_MALLOC_ENCODE(EncryptedData, buf, buf_size, &encdata, &len, ret);
sizeof(buf),
&encdata,
&len);
free_EncryptedData(&encdata); free_EncryptedData(&encdata);
if (ret) if (ret)
return ret; return ret;
if(buf_size != len)
krb5_abortx(context, "internal error in ASN.1 encoder");
pa->padata_type = KRB5_PADATA_ENC_TIMESTAMP; pa->padata_type = KRB5_PADATA_ENC_TIMESTAMP;
pa->padata_value.length = 0; pa->padata_value.length = len;
krb5_data_copy(&pa->padata_value, pa->padata_value.data = buf;
buf + sizeof(buf) - len,
len);
return 0; return 0;
} }
@@ -657,7 +646,7 @@ krb5_get_in_cred(krb5_context context,
AS_REQ a; AS_REQ a;
krb5_kdc_rep rep; krb5_kdc_rep rep;
krb5_data req, resp; krb5_data req, resp;
char buf[BUFSIZ]; size_t len;
krb5_salt salt; krb5_salt salt;
krb5_keyblock *key; krb5_keyblock *key;
size_t size; size_t size;
@@ -693,17 +682,15 @@ krb5_get_in_cred(krb5_context context,
if (ret) if (ret)
return ret; return ret;
ret = encode_AS_REQ ((unsigned char*)buf + sizeof(buf) - 1, ASN1_MALLOC_ENCODE(AS_REQ, req.data, req.length, &a, &len, ret);
sizeof(buf),
&a,
&req.length);
free_AS_REQ(&a); free_AS_REQ(&a);
if (ret) if (ret)
return ret; return ret;
if(len != req.length)
req.data = buf + sizeof(buf) - req.length; krb5_abortx(context, "internal error in ASN.1 encoder");
ret = krb5_sendto_kdc (context, &req, &creds->client->realm, &resp); ret = krb5_sendto_kdc (context, &req, &creds->client->realm, &resp);
krb5_data_free(&req);
if (ret) if (ret)
return ret; return ret;

49
lib/krb5/mk_error.c
View File

@@ -47,8 +47,6 @@ krb5_mk_error(krb5_context context,
krb5_data *reply) krb5_data *reply)
{ {
KRB_ERROR msg; KRB_ERROR msg;
u_char *buf;
size_t buf_size;
int32_t sec, usec; int32_t sec, usec;
size_t len; size_t len;
krb5_error_code ret = 0; krb5_error_code ret = 0;
@@ -84,45 +82,10 @@ krb5_mk_error(krb5_context context,
msg.cname = &client->name; msg.cname = &client->name;
} }
buf_size = 1024; ASN1_MALLOC_ENCODE(KRB_ERROR, reply->data, reply->length, &msg, &len, ret);
buf = malloc (buf_size); if (ret)
if (buf == NULL) { return ret;
krb5_set_error_string (context, "malloc: out of memory"); if(reply->length != len)
return ENOMEM; krb5_abortx(context, "internal error in ASN.1 encoder");
} return 0;
do {
ret = encode_KRB_ERROR(buf + buf_size - 1,
buf_size,
&msg,
&len);
if (ret) {
if (ret == ASN1_OVERFLOW) {
u_char *tmp;
buf_size *= 2;
tmp = realloc (buf, buf_size);
if (tmp == NULL) {
krb5_set_error_string (context, "malloc: out of memory");
ret = ENOMEM;
goto out;
}
buf = tmp;
} else {
goto out;
}
}
} while (ret == ASN1_OVERFLOW);
reply->length = len;
reply->data = malloc(len);
if (reply->data == NULL) {
krb5_set_error_string (context, "malloc: out of memory");
ret = ENOMEM;
goto out;
}
memcpy (reply->data, buf + buf_size - len, len);
out:
free (buf);
return ret;
} }

65
lib/krb5/mk_priv.c
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright (c) 1997 - 2001 Kungliga Tekniska H<>gskolan * Copyright (c) 1997 - 2002 Kungliga Tekniska H<>gskolan
* (Royal Institute of Technology, Stockholm, Sweden). * (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved. * All rights reserved.
* *
@@ -35,10 +35,7 @@
RCSID("$Id$"); RCSID("$Id$");
/*
*
*/
krb5_error_code krb5_error_code
krb5_mk_priv(krb5_context context, krb5_mk_priv(krb5_context context,
krb5_auth_context auth_context, krb5_auth_context auth_context,
@@ -83,35 +80,11 @@ krb5_mk_priv(krb5_context context,
part.s_address = auth_context->local_address; part.s_address = auth_context->local_address;
part.r_address = auth_context->remote_address; part.r_address = auth_context->remote_address;
buf_size = 1024;
buf = malloc (buf_size);
if (buf == NULL) {
krb5_set_error_string (context, "malloc: out of memory");
return ENOMEM;
}
krb5_data_zero (&s.enc_part.cipher); krb5_data_zero (&s.enc_part.cipher);
do { ASN1_MALLOC_ENCODE(EncKrbPrivPart, buf, buf_size, &part, &len, ret);
ret = encode_EncKrbPrivPart (buf + buf_size - 1, buf_size, if (ret)
&part, &len); goto fail;
if (ret) {
if (ret == ASN1_OVERFLOW) {
u_char *tmp;
buf_size *= 2;
tmp = realloc (buf, buf_size);
if (tmp == NULL) {
krb5_set_error_string (context, "malloc: out of memory");
ret = ENOMEM;
goto fail;
}
buf = tmp;
} else {
goto fail;
}
}
} while(ret == ASN1_OVERFLOW);
s.pvno = 5; s.pvno = 5;
s.msg_type = krb_priv; s.msg_type = krb_priv;
@@ -134,37 +107,21 @@ krb5_mk_priv(krb5_context context,
free(buf); free(buf);
return ret; return ret;
} }
free(buf);
do {
ret = encode_KRB_PRIV (buf + buf_size - 1, buf_size, &s, &len);
if (ret){ ASN1_MALLOC_ENCODE(KRB_PRIV, buf, buf_size, &s, &len, ret);
if (ret == ASN1_OVERFLOW) {
u_char *tmp;
buf_size *= 2; if(ret)
tmp = realloc (buf, buf_size); goto fail;
if (tmp == NULL) {
krb5_set_error_string (context, "malloc: out of memory");
ret = ENOMEM;
goto fail;
}
buf = tmp;
} else {
goto fail;
}
}
} while(ret == ASN1_OVERFLOW);
krb5_data_free (&s.enc_part.cipher); krb5_data_free (&s.enc_part.cipher);
outbuf->length = len; ret = krb5_data_copy(outbuf, buf + buf_size - len, len);
outbuf->data = malloc (len); if (ret) {
if (outbuf->data == NULL) {
krb5_set_error_string (context, "malloc: out of memory"); krb5_set_error_string (context, "malloc: out of memory");
free(buf); free(buf);
return ENOMEM; return ENOMEM;
} }
memcpy (outbuf->data, buf + buf_size - len, len);
free (buf); free (buf);
if (auth_context->flags & KRB5_AUTH_CONTEXT_DO_SEQUENCE) if (auth_context->flags & KRB5_AUTH_CONTEXT_DO_SEQUENCE)
auth_context->local_seqnumber = auth_context->local_seqnumber =

36
lib/krb5/mk_rep.c
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright (c) 1997 - 2001 Kungliga Tekniska H<>gskolan * Copyright (c) 1997 - 2002 Kungliga Tekniska H<>gskolan
* (Royal Institute of Technology, Stockholm, Sweden). * (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved. * All rights reserved.
* *
@@ -72,21 +72,10 @@ krb5_mk_rep(krb5_context context,
ap.enc_part.etype = auth_context->keyblock->keytype; ap.enc_part.etype = auth_context->keyblock->keytype;
ap.enc_part.kvno = NULL; ap.enc_part.kvno = NULL;
buf_size = length_EncAPRepPart(&body); ASN1_MALLOC_ENCODE(EncAPRepPart, buf, buf_size, &body, &len, ret);
buf = malloc (buf_size);
if (buf == NULL) {
free_EncAPRepPart (&body);
krb5_set_error_string (context, "malloc: out of memory");
return ENOMEM;
}
ret = krb5_encode_EncAPRepPart (context,
buf + buf_size - 1,
buf_size,
&body,
&len);
free_EncAPRepPart (&body); free_EncAPRepPart (&body);
if(ret)
return ret;
ret = krb5_crypto_init(context, auth_context->keyblock, ret = krb5_crypto_init(context, auth_context->keyblock,
0 /* ap.enc_part.etype */, &crypto); 0 /* ap.enc_part.etype */, &crypto);
if (ret) { if (ret) {
@@ -105,20 +94,7 @@ krb5_mk_rep(krb5_context context,
return ret; return ret;
} }
buf_size = length_AP_REP(&ap); ASN1_MALLOC_ENCODE(AP_REP, outbuf->data, outbuf->length, &ap, &len, ret);
buf = realloc(buf, buf_size);
if(buf == NULL) {
free_AP_REP (&ap);
krb5_set_error_string (context, "malloc: out of memory");
return ENOMEM;
}
ret = encode_AP_REP (buf + buf_size - 1, buf_size, &ap, &len);
free_AP_REP (&ap); free_AP_REP (&ap);
return ret;
if(len != buf_size)
krb5_abortx(context, "krb5_mk_rep: encoded length != calculated length");
outbuf->data = buf;
outbuf->length = len;
return 0;
} }

44
lib/krb5/mk_safe.c
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright (c) 1997 - 2001 Kungliga Tekniska H<>gskolan * Copyright (c) 1997 - 2002 Kungliga Tekniska H<>gskolan
* (Royal Institute of Technology, Stockholm, Sweden). * (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved. * All rights reserved.
* *
@@ -48,7 +48,6 @@ krb5_mk_safe(krb5_context context,
KerberosTime sec2; KerberosTime sec2;
int usec2; int usec2;
u_char *buf = NULL; u_char *buf = NULL;
void *tmp;
size_t buf_size; size_t buf_size;
size_t len; size_t len;
u_int32_t tmp_seq; u_int32_t tmp_seq;
@@ -85,17 +84,11 @@ krb5_mk_safe(krb5_context context,
s.cksum.checksum.data = NULL; s.cksum.checksum.data = NULL;
s.cksum.checksum.length = 0; s.cksum.checksum.length = 0;
buf_size = length_KRB_SAFE(&s); ASN1_MALLOC_ENCODE(KRB_SAFE, buf, buf_size, &s, &len, ret);
buf = malloc(buf_size + 128); /* add some for checksum */ if (ret)
if(buf == NULL) {
krb5_set_error_string (context, "malloc: out of memory");
return ENOMEM;
}
ret = encode_KRB_SAFE (buf + buf_size - 1, buf_size, &s, &len);
if (ret) {
free (buf);
return ret; return ret;
} if(buf_size != len)
krb5_abortx(context, "internal error in ASN.1 encoder");
ret = krb5_crypto_init(context, key, 0, &crypto); ret = krb5_crypto_init(context, key, 0, &crypto);
if (ret) { if (ret) {
free (buf); free (buf);
@@ -105,7 +98,7 @@ krb5_mk_safe(krb5_context context,
crypto, crypto,
KRB5_KU_KRB_SAFE_CKSUM, KRB5_KU_KRB_SAFE_CKSUM,
0, 0,
buf + buf_size - len, buf,
len, len,
&s.cksum); &s.cksum);
krb5_crypto_destroy(context, crypto); krb5_crypto_destroy(context, crypto);
@@ -114,27 +107,16 @@ krb5_mk_safe(krb5_context context,
return ret; return ret;
} }
buf_size = length_KRB_SAFE(&s); free(buf);
tmp = realloc(buf, buf_size); ASN1_MALLOC_ENCODE(KRB_SAFE, buf, buf_size, &s, &len, ret);
if(tmp == NULL) {
free(buf);
krb5_set_error_string (context, "malloc: out of memory");
return ENOMEM;
}
buf = tmp;
ret = encode_KRB_SAFE (buf + buf_size - 1, buf_size, &s, &len);
free_Checksum (&s.cksum); free_Checksum (&s.cksum);
if(ret)
return ret;
if(buf_size != len)
krb5_abortx(context, "internal error in ASN.1 encoder");
outbuf->length = len; outbuf->length = len;
outbuf->data = malloc (len); outbuf->data = buf;
if (outbuf->data == NULL) {
free (buf);
krb5_set_error_string (context, "malloc: out of memory");
return ENOMEM;
}
memcpy (outbuf->data, buf + buf_size - len, len);
free (buf);
if (auth_context->flags & KRB5_AUTH_CONTEXT_DO_SEQUENCE) if (auth_context->flags & KRB5_AUTH_CONTEXT_DO_SEQUENCE)
auth_context->local_seqnumber = auth_context->local_seqnumber =
(auth_context->local_seqnumber + 1) & 0xFFFFFFFF; (auth_context->local_seqnumber + 1) & 0xFFFFFFFF;

9
lib/krb5/rd_cred.c
View File

@@ -214,7 +214,6 @@ krb5_rd_cred(krb5_context context,
for (i = 0; i < enc_krb_cred_part.ticket_info.len; ++i) { for (i = 0; i < enc_krb_cred_part.ticket_info.len; ++i) {
KrbCredInfo *kci = &enc_krb_cred_part.ticket_info.val[i]; KrbCredInfo *kci = &enc_krb_cred_part.ticket_info.val[i];
krb5_creds *creds; krb5_creds *creds;
u_char buf[1024];
size_t len; size_t len;
creds = calloc(1, sizeof(*creds)); creds = calloc(1, sizeof(*creds));
@@ -224,12 +223,12 @@ krb5_rd_cred(krb5_context context,
goto out; goto out;
} }
ret = encode_Ticket (buf + sizeof(buf) - 1, sizeof(buf), ASN1_MALLOC_ENCODE(Ticket, creds->ticket.data, creds->ticket.length,
&cred.tickets.val[i], &cred.tickets.val[i], &len, ret);
&len);
if (ret) if (ret)
goto out; goto out;
krb5_data_copy (&creds->ticket, buf + sizeof(buf) - len, len); if(creds->ticket.length != len)
krb5_abortx(context, "internal error in ASN.1 encoder");
copy_EncryptionKey (&kci->key, &creds->session); copy_EncryptionKey (&kci->key, &creds->session);
if (kci->prealm && kci->pname) if (kci->prealm && kci->pname)
principalname2krb5_principal (&creds->client, principalname2krb5_principal (&creds->client,

18
lib/krb5/rd_safe.c
View File

@@ -53,19 +53,11 @@ verify_checksum(krb5_context context,
safe->cksum.checksum.data = NULL; safe->cksum.checksum.data = NULL;
safe->cksum.checksum.length = 0; safe->cksum.checksum.length = 0;
buf_size = length_KRB_SAFE(safe); ASN1_MALLOC_ENCODE(KRB_SAFE, buf, buf_size, safe, &len, ret);
buf = malloc(buf_size); if(ret)
return ret;
if (buf == NULL) { if(buf_size != len)
ret = ENOMEM; krb5_abortx(context, "internal error in ASN.1 encoder");
krb5_set_error_string (context, "malloc: out of memory");
goto out;
}
ret = encode_KRB_SAFE (buf + buf_size - 1,
buf_size,
safe,
&len);
if (auth_context->remote_subkey) if (auth_context->remote_subkey)
key = auth_context->remote_subkey; key = auth_context->remote_subkey;