From: Derrick Brashear <shadow@dementia.org>
Date: Fri, 13 Sep 2002 03:53:19 +0000 (+0000)
Subject: STABLE12-rxkad-client-offer-better-bad-token-warnings-20020912
X-Git-Tag: openafs-stable-1_2_7~10
X-Git-Url: https://git.michaelhowe.org/gitweb/?a=commitdiff_plain;h=177b63cfd0473a91e45a05e94047826913e2e128;p=packages%2Fo%2Fopenafs.git

STABLE12-rxkad-client-offer-better-bad-token-warnings-20020912


if it's too large to be a valid token, offer a useful error.


(cherry picked from commit 33ada3676c4be83dc22cd7765e3904fe7c9377c6)
---

diff --git a/src/afs/afs_pioctl.c b/src/afs/afs_pioctl.c
index 242fdbd38..3bae14863 100644
--- a/src/afs/afs_pioctl.c
+++ b/src/afs/afs_pioctl.c
@@ -1432,6 +1432,7 @@ static PGCPAGs(avc, afun, areq, ain, aout, ainSize, aoutSize, acred)
     ain += sizeof(afs_int32);
     stp	= ain;	/* remember where the ticket is */
     if (i < 0 || i > 2000) return EINVAL;	/* malloc may fail */
+    if (i > MAXKTCTICKETLEN) return EINVAL;
     stLen = i;
     ain	+= i;	/* skip over ticket */
     memcpy((char *)&i, ain, sizeof(afs_int32));
diff --git a/src/rxkad/rxkad_client.c b/src/rxkad/rxkad_client.c
index 637ac769f..44cb9ec1f 100644
--- a/src/rxkad/rxkad_client.c
+++ b/src/rxkad/rxkad_client.c
@@ -196,6 +196,7 @@ rxkad_NewClientSecurityObject(level, sessionkey, kvno, ticketLen, ticket)
     memcpy((void *)tcp->ivec, (void *)sessionkey, sizeof(tcp->ivec));
     tcp->kvno = kvno;			/* key version number */
     tcp->ticketLen = ticketLen;		/* length of ticket */
+    if (tcp->ticketLen > MAXKTCTICKETLEN) return 0; /* bad key */
     memcpy(tcp->ticket, ticket, ticketLen);
 
     LOCK_RXKAD_STATS