From: Jeffrey Altman <jaltman@mit.edu>
Date: Tue, 20 Apr 2004 15:56:16 +0000 (+0000)
Subject: kaanswertoolong-20040420
X-Git-Tag: openafs-devel-1_3_64~51
X-Git-Url: https://git.michaelhowe.org/gitweb/?a=commitdiff_plain;h=37d106e228998d58cfe3427ba9bdae66e464c042;p=packages%2Fo%2Fopenafs.git

kaanswertoolong-20040420


when determining whether or not the ticket len is too long for the
receiver to accept we want to compare against the actual ticket length
and not MAXKTCTICKETLEN which is what is used when sizeof(ktc_ticketAnswer)
is used for comparison.
---

diff --git a/src/kauth/kaprocs.c b/src/kauth/kaprocs.c
index 01f4bdc17..92fbc4c37 100644
--- a/src/kauth/kaprocs.c
+++ b/src/kauth/kaprocs.c
@@ -1032,7 +1032,7 @@ PrepareTicketAnswer(oanswer, challenge, ticket, ticketLen, sessionKey, start,
 
     code = KAANSWERTOOLONG;
     if (oanswer->MaxSeqLen <
-	sizeof(struct ka_ticketAnswer) - 5 * MAXKTCNAMELEN)
+	sizeof(struct ka_ticketAnswer) - 5 * MAXKTCNAMELEN - MAXKTCTICKETLEN + ticketLen)
 	return code;
 
     answer = (struct ka_ticketAnswer *)oanswer->SeqBody;
@@ -1958,7 +1958,7 @@ GetTicket(version, call, kvno, authDomain, aticket, sname, sinstance, atimes,
     case 0:
 	code = KAANSWERTOOLONG;
 	if (oanswer->MaxSeqLen <
-	    sizeof(struct ka_getTicketAnswer) - 5 * MAXKTCNAMELEN)
+	    sizeof(struct ka_getTicketAnswer) - 5 * MAXKTCNAMELEN - MAXKTCTICKETLEN + ticketLen)
 	    goto abort;
 
 	answer = (struct ka_getTicketAnswer *)oanswer->SeqBody;