* md5crypto.c md5glue.c:

author Richard Basch <probe@mit.edu>

Wed, 15 May 1996 01:00:36 +0000 (01:00 +0000)

committer Richard Basch <probe@mit.edu>

Wed, 15 May 1996 01:00:36 +0000 (01:00 +0000)
author Richard Basch <probe@mit.edu>
Wed, 15 May 1996 01:00:36 +0000 (01:00 +0000)
committer Richard Basch <probe@mit.edu>
Wed, 15 May 1996 01:00:36 +0000 (01:00 +0000)
diff --git a/src/lib/crypto/md5/ChangeLog b/src/lib/crypto/md5/ChangeLog

index d29d4eee1697cc542643720496302ace081c717a..ffe7df271ea236d9000ad9a0b423c54be57c4fe5 100644 (file)
--- a/src/lib/crypto/md5/ChangeLog
+++ b/src/lib/crypto/md5/ChangeLog
@@ -1,3 +1,10 @@
+Tue May 14 19:32:51 1996  Richard Basch  <basch@lehman.com>
+
+       * md5crypto.c md5glue.c:
+               ensure the cksum content length is sufficient.
+
+       * t_cksum.c: initialize cksum.length
+
  Fri May 10 01:19:18 1996  Richard Basch  <basch@lehman.com>
  
         * md5crypto.c: des3-md5 is being replaced with des3-sha
diff --git a/src/lib/crypto/md5/md5crypto.c b/src/lib/crypto/md5/md5crypto.c

index 5d91b944e69731dbd905a54d98df782627043013..b22a3874819c95eb4ebfda40716a456f07201271 100644 (file)
--- a/src/lib/crypto/md5/md5crypto.c
+++ b/src/lib/crypto/md5/md5crypto.c
@@ -106,9 +106,11 @@ krb5_checksum FAR *outcksum;
      krb5_keyblock keyblock;
      krb5_error_code retval;
      size_t i;
-
      krb5_MD5_CTX working;
  
+    if (outcksum->length < RSA_MD5_DES_CKSUM_LENGTH + RSA_MD5_DES_CONFOUND_LENGTH)
+       return KRB5_BAD_MSIZE;
+
      /* Generate the confounder in place */
      if (retval = krb5_random_confounder(RSA_MD5_DES_CONFOUND_LENGTH,
                                         outtmp))
diff --git a/src/lib/crypto/md5/md5glue.c b/src/lib/crypto/md5/md5glue.c

index 84ea3e9e7b0ca5b9e6a0cd32dc543e370b71a99f..77aca36866b13e8c263d6419414d34054411c720 100644 (file)
--- a/src/lib/crypto/md5/md5glue.c
+++ b/src/lib/crypto/md5/md5glue.c
@@ -22,6 +22,9 @@ krb5_checksum FAR *outcksum;
      krb5_octet *input = (krb5_octet *)in;
      krb5_MD5_CTX working;
  
+    if (outcksum->length < RSA_MD5_CKSUM_LENGTH)
+       return KRB5_BAD_MSIZE;
+    
      krb5_MD5Init(&working);
      krb5_MD5Update(&working, input, in_length);
      krb5_MD5Final(&working);
diff --git a/src/lib/crypto/md5/t_cksum.c b/src/lib/crypto/md5/t_cksum.c

index d9d4f2aec8dc0eb827c850c0e43d3645fdffb88f..d28e36c16a022a62936b5322de8347b36baa1dde 100644 (file)
--- a/src/lib/crypto/md5/t_cksum.c
+++ b/src/lib/crypto/md5/t_cksum.c
@@ -116,12 +116,14 @@ main(argc, argv)
      return(kret);
    }
  
+  oldstyle_checksum.length = CHECKSUM_LENGTH;
    if (!(oldstyle_checksum.contents = (krb5_octet *) malloc(CHECKSUM_LENGTH))) {
      printf("cannot get memory for old style checksum\n");
      return(ENOMEM);
    }
+  newstyle_checksum.length = krb5_checksum_size(kcontext, CHECKSUM_TYPE);
    if (!(newstyle_checksum.contents = (krb5_octet *)
-       malloc(krb5_checksum_size(kcontext, CHECKSUM_TYPE)))) {
+       malloc(newstyle_checksum.length))) {
      printf("cannot get memory for new style checksum\n");
      return(ENOMEM);
    }
author	Richard Basch <probe@mit.edu>
	Wed, 15 May 1996 01:00:36 +0000 (01:00 +0000)
committer	Richard Basch <probe@mit.edu>
	Wed, 15 May 1996 01:00:36 +0000 (01:00 +0000)
src/lib/crypto/md5/ChangeLog		patch \| blob \| history
src/lib/crypto/md5/md5crypto.c		patch \| blob \| history
src/lib/crypto/md5/md5glue.c		patch \| blob \| history
src/lib/crypto/md5/t_cksum.c		patch \| blob \| history