diff options
author | Volker Lendecke <vl@samba.org> | 2016-11-18 18:02:30 +0000 |
---|---|---|
committer | Stefan Metzmacher <metze@samba.org> | 2016-12-20 07:51:14 +0100 |
commit | c15464f886f9734982123d38594073601d49f151 (patch) | |
tree | ed045bb10a8d7b8ae849388ec9bd1ae3326edca5 /source4/heimdal | |
parent | fb318ab0203297019c5e47c6bef4a9abfdeea8a5 (diff) | |
download | samba-c15464f886f9734982123d38594073601d49f151.tar.gz |
HEIMDAL:lib/krb5: Harden ARCFOUR_sub{en,de}crypt()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Diffstat (limited to 'source4/heimdal')
-rw-r--r-- | source4/heimdal/lib/krb5/crypto-arcfour.c | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/source4/heimdal/lib/krb5/crypto-arcfour.c b/source4/heimdal/lib/krb5/crypto-arcfour.c index e16b70cca40..2289e7deedb 100644 --- a/source4/heimdal/lib/krb5/crypto-arcfour.c +++ b/source4/heimdal/lib/krb5/crypto-arcfour.c @@ -139,6 +139,10 @@ ARCFOUR_subencrypt(krb5_context context, unsigned char k1_c_data[16], k2_c_data[16], k3_c_data[16]; krb5_error_code ret; + if (len < 16) { + return KRB5KRB_AP_ERR_INAPP_CKSUM; + } + t[0] = (usage >> 0) & 0xFF; t[1] = (usage >> 8) & 0xFF; t[2] = (usage >> 16) & 0xFF; @@ -207,6 +211,10 @@ ARCFOUR_subdecrypt(krb5_context context, unsigned char cksum_data[16]; krb5_error_code ret; + if (len < 16) { + return KRB5KRB_AP_ERR_INAPP_CKSUM; + } + t[0] = (usage >> 0) & 0xFF; t[1] = (usage >> 8) & 0xFF; t[2] = (usage >> 16) & 0xFF; |