]> git.michaelhowe.org Git - packages/o/openafs.git/commitdiff
projects / packages / o / openafs.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: b2e54d1)
STABLE12-rxkad-check-tkt-length-20030610
authorDerrick Brashear <shadow@dementia.org>
Tue, 10 Jun 2003 20:22:47 +0000 (20:22 +0000)
committerDerrick Brashear <shadow@dementia.org>
Tue, 10 Jun 2003 20:22:47 +0000 (20:22 +0000)
tkt_DecodeTicket didn't seem to check that ticketLen < MAXKTCTICKETLEN

didn't matter since no callers failed to check, but we should enforce this where the limit is

(cherry picked from commit 8a33c2d8a590d92df27d7febf708449feae17254)

src/rxkad/ticket.c patch | blob | history

diff --git a/src/rxkad/ticket.c b/src/rxkad/ticket.c
index 9b9132be0d5423e20a2daf8108f99b5248410571..6244c8e74c90ca72f1230bf7e274474504ad7497 100644 (file)
--- a/src/rxkad/ticket.c
+++ b/src/rxkad/ticket.c
@@ -101,6 +101,7 @@ int tkt_DecodeTicket (asecret, ticketLen, key,
 
     if (ticketLen == 0) return RXKADBADTICKET; /* no ticket */
     if ((ticketLen < MINKTCTICKETLEN) || /* minimum legal ticket size */
+       (ticketLen > MAXKTCTICKETLEN) || /* maximum legal ticket size */
        ((ticketLen) % 8 != 0))         /* enc. part must be (0 mod 8) bytes */
        return RXKADBADTICKET;