From: Derrick Brashear <shadow@dementia.org>
Date: Fri, 13 Sep 2002 03:48:45 +0000 (+0000)
Subject: rxkad-client-offer-better-bad-token-warnings-20020912
X-Git-Tag: openafs-devel-1_3_50~613
X-Git-Url: https://git.michaelhowe.org/gitweb/?a=commitdiff_plain;h=33ada3676c4be83dc22cd7765e3904fe7c9377c6;p=packages%2Fo%2Fopenafs.git

rxkad-client-offer-better-bad-token-warnings-20020912


if it's too large to be a valid token, offer a useful error.
---

diff --git a/src/afs/afs_pioctl.c b/src/afs/afs_pioctl.c
index e9b108f77..463c703fc 100644
--- a/src/afs/afs_pioctl.c
+++ b/src/afs/afs_pioctl.c
@@ -1360,6 +1360,7 @@ DECL_PIOCTL(PSetTokens)
     ain += sizeof(afs_int32);
     stp	= ain;	/* remember where the ticket is */
     if (i < 0 || i > 2000) return EINVAL;	/* malloc may fail */
+    if (i > MAXKTCTICKETLEN) return EINVAL;
     stLen = i;
     ain	+= i;	/* skip over ticket */
     memcpy((char *)&i, ain, sizeof(afs_int32));
diff --git a/src/rxkad/rxkad_client.c b/src/rxkad/rxkad_client.c
index 042e091db..769c33840 100644
--- a/src/rxkad/rxkad_client.c
+++ b/src/rxkad/rxkad_client.c
@@ -190,6 +190,7 @@ struct rx_securityClass *rxkad_NewClientSecurityObject(
     memcpy((void *)tcp->ivec, (void *)sessionkey, sizeof(tcp->ivec));
     tcp->kvno = kvno;			/* key version number */
     tcp->ticketLen = ticketLen;		/* length of ticket */
+    if (tcp->ticketLen > MAXKTCTICKETLEN) return 0; /* bad key */
     memcpy(tcp->ticket, ticket, ticketLen);
 
     LOCK_RXKAD_STATS