← Back to branch summary

~ubuntu-branches/ubuntu/dapper/krb5/dapper-security

« back to all changes in this revision

Viewing changes to src/lib/crypto/dk/dk_decrypt.c

  • Committer: Bazaar Package Importer
  • Author(s): Kees Cook
  • Date: 2010-01-11 14:40:21 UTC
  • Revision ID: james.westby@ubuntu.com-20100111144021-54akl1okuud4tahn
Tags: 1.4.3-5ubuntu0.10
* SECURITY UPDATE: unauthenticated remote attacker can crash or
  compromise the KDC via flaws in AES and RC4 decryption (CVE-2009-4212).
  - debian/patches/MITKRB5-SA-2009-004 backported and applied inline.
  - http://web.mit.edu/kerberos/advisories/2009-004-patch_1.6.3.txt

Show diffs side-by-side

added added

removed removed

Lines of Context:
src/lib/crypto/dk/dk_decrypt.c
89
89
    else if (hmacsize > hashsize)
90
90
        return KRB5KRB_AP_ERR_BAD_INTEGRITY;
91
91
 
 
92
    /* Verify input and output lengths. */
 
93
    if (input->length < blocksize + hmacsize)
 
94
        return KRB5_BAD_MSIZE;
 
95
    if (output->length < input->length - blocksize - hmacsize)
 
96
        return KRB5_BAD_MSIZE;
 
97
 
92
98
    enclen = input->length - hmacsize;
93
99
 
94
100
    if ((kedata = (unsigned char *) malloc(keylength)) == NULL)