* md4crypto.c md4glue.c:

        ensure the cksum content length is sufficient

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8024 dc483132-0cff-0310-8789-dd5450dbe970

diff --git a/src/lib/crypto/md4/ChangeLog b/src/lib/crypto/md4/ChangeLog
index f6b0c97a4354412a1b420ebcdabc211e02cc29b4..06783a21dc02c5aa3ad464f4878c7981706372a0 100644 (file)
--- a/src/lib/crypto/md4/ChangeLog
+++ b/src/lib/crypto/md4/ChangeLog
@@ -1,3 +1,8 @@
+Tue May 14 19:31:58 1996  Richard Basch  <basch@lehman.com>
+
+       * md4crypto.c md4glue.c:
+               ensure the cksum content length is sufficient
+
 Fri Apr 12 21:38:33 1996  Richard Basch  <basch@lehman.com>
 
        * md4driver.c md4glue.c md4.c rsa-md4.h md4crypto.c:

diff --git a/src/lib/crypto/md4/md4crypto.c b/src/lib/crypto/md4/md4crypto.c
index 7d908e0e5163bad3eb26369b419268420b8474c2..b6c2f94737fe60266e417ec5cc801a4690c63a7c 100644 (file)
--- a/src/lib/crypto/md4/md4crypto.c
+++ b/src/lib/crypto/md4/md4crypto.c
@@ -85,9 +85,11 @@ krb5_checksum FAR *outcksum;
     krb5_encrypt_block eblock;
     krb5_keyblock keyblock;
     krb5_error_code retval;
-
     krb5_MD4_CTX working;
 
+    if (outcksum->length < RSA_MD4_DES_CKSUM_LENGTH)
+       return KRB5_BAD_MSIZE;
+
     krb5_MD4Init(&working);
     krb5_MD4Update(&working, input, in_length);
     krb5_MD4Final(&working);

diff --git a/src/lib/crypto/md4/md4glue.c b/src/lib/crypto/md4/md4glue.c
index 5edbd1514cd816e6e24a5e91ab6d994cceb2e1c8..df33c8a230faeb05e95d53543d41d5d26f94b722 100644 (file)
--- a/src/lib/crypto/md4/md4glue.c
+++ b/src/lib/crypto/md4/md4glue.c
@@ -47,6 +47,9 @@ krb5_checksum FAR *outcksum;
     krb5_octet *input = (krb5_octet *)in;
     krb5_MD4_CTX working;
 
+    if (outcksum->length < RSA_MD4_CKSUM_LENGTH)
+       return KRB5_BAD_MSIZE;
+    
     krb5_MD4Init(&working);
     krb5_MD4Update(&working, input, in_length);
     krb5_MD4Final(&working);