1
=== src/lib/rpc/svc_auth_gss.c
2
2
==================================================================
3
--- src/lib/rpc/svc_auth_gss.c (revision 2870)
4
+++ src/lib/rpc/svc_auth_gss.c (local)
6
oa = &msg->rm_call.cb_cred;
3
--- svc_auth_gss.c (/remote/krb5/branches/etch/krb5/src/lib/rpc) (revision 2875)
4
+++ svc_auth_gss.c (/k5-etch/krb5/src/lib/rpc) (local)
6
memset(rpchdr, 0, sizeof(rpchdr));
8
/* XXX - Reconstruct RPC header for signing (from xdr_callmsg). */
9
+ oa = &msg->rm_call.cb_cred;
10
+ if (oa->oa_length > MAX_AUTH_BYTES)
13
+ if (sizeof(rpchdr) < (8 * BYTES_PER_XDR_UNIT +
14
+ RNDUP(oa->oa_length)))
17
buf = (int32_t *)(void *)rpchdr;
18
IXDR_PUT_LONG(buf, msg->rm_xid);
19
IXDR_PUT_ENUM(buf, msg->rm_direction);
21
IXDR_PUT_LONG(buf, msg->rm_call.cb_prog);
22
IXDR_PUT_LONG(buf, msg->rm_call.cb_vers);
23
IXDR_PUT_LONG(buf, msg->rm_call.cb_proc);
24
- oa = &msg->rm_call.cb_cred;
7
25
IXDR_PUT_ENUM(buf, oa->oa_flavor);
8
26
IXDR_PUT_LONG(buf, oa->oa_length);
10
+ if (oa->oa_length && oa->oa_length <= sizeof(rpchdr)) {
11
memcpy((caddr_t)buf, oa->oa_base, oa->oa_length);
12
buf += RNDUP(oa->oa_length) / sizeof(int32_t);