eblock.crypto_entry = krb5_csarray[dec_rep->etype]->system;
dec_rep->enc_part.length = krb5_encrypt_size(scratch->length,
- eblock.crypto_entry);
+ eblock.crypto_entry);
+ /* add padding area, and zero it */
+ if (!(scratch->data = realloc(scratch->data, dec_rep->enc_part.length))) {
+ /* may destroy scratch->data */
+ xfree(scratch);
+ return ENOMEM;
+ }
+ bzero(scratch->data + scratch->length,
+ dec_rep->enc_part.length - scratch->length);
if (!(dec_rep->enc_part.data = malloc(dec_rep->enc_part.length))) {
retval = ENOMEM;
goto clean_scratch;
eblock.crypto_entry = krb5_csarray[dec_ticket->etype]->system;
dec_ticket->enc_part.length = krb5_encrypt_size(scratch->length,
- eblock.crypto_entry);
+ eblock.crypto_entry);
+ /* add padding area, and zero it */
+ if (!(scratch->data = realloc(scratch->data, dec_ticket->enc_part.length))) {
+ /* may destroy scratch->data */
+ xfree(scratch);
+ return ENOMEM;
+ }
+ bzero(scratch->data + scratch->length,
+ dec_ticket->enc_part.length - scratch->length);
if (!(dec_ticket->enc_part.data = malloc(dec_ticket->enc_part.length))) {
retval = ENOMEM;
goto clean_scratch;
eblock.crypto_entry = krb5_csarray[etype]->system;
privmsg.enc_part.length = krb5_encrypt_size(scratch->length,
- eblock.crypto_entry);
+ eblock.crypto_entry);
+ /* add padding area, and zero it */
+ if (!(scratch->data = realloc(scratch->data, privmsg.enc_part.length))) {
+ /* may destroy scratch->data */
+ xfree(scratch);
+ return ENOMEM;
+ }
+ bzero(scratch->data + scratch->length,
+ privmsg.enc_part.length - scratch->length);
if (!(privmsg.enc_part.data = malloc(privmsg.enc_part.length))) {
retval = ENOMEM;
goto clean_scratch;
eblock.crypto_entry = krb5_csarray[etype]->system;
request.authenticator.length = krb5_encrypt_size(scratch->length,
eblock.crypto_entry);
+ /* add padding area, and zero it */
+ if (!(scratch->data = realloc(scratch->data, request.authenticator.length))) {
+ /* may destroy scratch->data */
+ xfree(scratch);
+ retval = ENOMEM;
+ goto clean_ticket;
+ }
+ bzero(scratch->data + scratch->length,
+ request.authenticator.length - scratch->length);
if (!(request.authenticator.data = malloc(request.authenticator.length))) {
retval = ENOMEM;
goto clean_scratch;
cleanup_encpart();
clean_scratch:
cleanup_scratch();
+ clean_ticket:
cleanup_ticket();
return retval;