oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

(_kadm5_client_recv): handle arbitrarily sized packets, check for errors

Browse Source 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@6122 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Johan Danielsson
1999-05-04 10:18:50 +00:00
parent 43e280837c
commit fd92b75e07
1 changed files with 13 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
lib/kadm5/send_recv.c
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright (c) 1997 Kungliga Tekniska H<>gskolan * Copyright (c) 1997, 1999 Kungliga Tekniska H<>gskolan
* (Royal Institute of Technology, Stockholm, Sweden). * (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved. * All rights reserved.
* *
@@ -70,18 +70,25 @@ _kadm5_client_send(kadm5_client_context *context, krb5_storage *sp)
kadm5_ret_t kadm5_ret_t
_kadm5_client_recv(kadm5_client_context *context, krb5_storage *sp) _kadm5_client_recv(kadm5_client_context *context, krb5_storage *sp)
{ {
unsigned char buf[1024]; unsigned char *buf;
size_t len; size_t len;
krb5_error_code ret; krb5_error_code ret;
krb5_data data, reply; krb5_data data, reply;
krb5_net_read(context->context, &context->sock, buf, 4); len = krb5_net_read(context->context, &context->sock, buf, 4);
if(len != 4)
return KADM5_RPC_ERROR;
len = (buf[0] << 24) | (buf[1] << 16) | (buf[2] << 8) | buf[3]; len = (buf[0] << 24) | (buf[1] << 16) | (buf[2] << 8) | buf[3];
if(len > sizeof(buf)) buf = malloc(len);
return ENOMEM; /* XXX */ if(buf == NULL)
krb5_net_read(context->context, &context->sock, buf, len); return ENOMEM;
if(krb5_net_read(context->context, &context->sock, buf, len) != len) {
free(buf);
return KADM5_RPC_ERROR;
}
data.length = len; data.length = len;
data.data = buf; data.data = buf;
ret = krb5_rd_priv(context->context, context->ac, &data, &reply, NULL); ret = krb5_rd_priv(context->context, context->ac, &data, &reply, NULL);
krb5_data_free(&data);
sp->store(sp, reply.data, reply.length); sp->store(sp, reply.data, reply.length);
sp->seek(sp, 0, SEEK_SET); sp->seek(sp, 0, SEEK_SET);
krb5_data_free(&reply); krb5_data_free(&reply);