From 8a33c2d8a590d92df27d7febf708449feae17254 Mon Sep 17 00:00:00 2001
From: Derrick Brashear <shadow@dementia.org>
Date: Tue, 10 Jun 2003 20:18:34 +0000
Subject: [PATCH] rxkad-check-tkt-length-20030610

tkt_DecodeTicket didn't seem to check that ticketLen < MAXKTCTICKETLEN

didn't matter since no callers failed to check, but we should enforce this where the limit is
---
 src/rxkad/ticket.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/rxkad/ticket.c b/src/rxkad/ticket.c
index 7b5362861..69b9e3868 100644
--- a/src/rxkad/ticket.c
+++ b/src/rxkad/ticket.c
@@ -92,6 +92,7 @@ int tkt_DecodeTicket (char *asecret, afs_int32 ticketLen,
 
     if (ticketLen == 0) return RXKADBADTICKET; /* no ticket */
     if ((ticketLen < MINKTCTICKETLEN) || /* minimum legal ticket size */
+	(ticketLen > MAXKTCTICKETLEN) || /* maximum legal ticket size */
 	((ticketLen) % 8 != 0))		/* enc. part must be (0 mod 8) bytes */
 	return RXKADBADTICKET;
 
-- 
2.39.5