diff options
author | Volker Lendecke <vl@samba.org> | 2016-11-18 18:02:30 +0000 |
---|---|---|
committer | Stefan Metzmacher <metze@samba.org> | 2016-12-20 07:51:14 +0100 |
commit | afd8c389c92e38aa59a55127b2594023561b2ddd (patch) | |
tree | 9db948142ad7903d5febc0227d67ab8e1fbdf954 /source4/heimdal | |
parent | c15464f886f9734982123d38594073601d49f151 (diff) | |
download | samba-afd8c389c92e38aa59a55127b2594023561b2ddd.tar.gz |
HEIMDAL:lib/krb5: Harden _krb5_derive_key()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Diffstat (limited to 'source4/heimdal')
-rw-r--r-- | source4/heimdal/lib/krb5/crypto.c | 15 |
1 files changed, 12 insertions, 3 deletions
diff --git a/source4/heimdal/lib/krb5/crypto.c b/source4/heimdal/lib/krb5/crypto.c index 98b4554edbc..7dd2af51e3f 100644 --- a/source4/heimdal/lib/krb5/crypto.c +++ b/source4/heimdal/lib/krb5/crypto.c @@ -1855,8 +1855,12 @@ _krb5_derive_key(krb5_context context, memcpy(k + i * et->blocksize, k + (i - 1) * et->blocksize, et->blocksize); - (*et->encrypt)(context, key, k + i * et->blocksize, et->blocksize, - 1, 0, NULL); + ret = (*et->encrypt)(context, key, k + i * et->blocksize, + et->blocksize, 1, 0, NULL); + if (ret) { + krb5_set_error_message(context, ret, N_("encrypt failed", "")); + goto out; + } } } else { /* this case is probably broken, but won't be run anyway */ @@ -1869,7 +1873,12 @@ _krb5_derive_key(krb5_context context, goto out; } memcpy(c, constant, len); - (*et->encrypt)(context, key, c, len, 1, 0, NULL); + ret = (*et->encrypt)(context, key, c, len, 1, 0, NULL); + if (ret) { + free(c); + krb5_set_error_message(context, ret, N_("encrypt failed", "")); + goto out; + } k = malloc(res_len); if(res_len != 0 && k == NULL) { free(c); |