The yarrow code uses a keyblock that is partially initialized. This results
in krb5_k_free_key trying to look up the enctype to call the free handler.
One of the valgrind reports: (there are several paths)
==26701== Conditional jump or move depends on uninitialised value(s)
==26701== at 0x40E9AF0: find_enctype (etypes.h:81)
==26701== by 0x40E9C9E: krb5_k_free_key (key.c:91)
==26701== by 0x40D641A: krb5int_yarrow_cipher_init (ycipher.c:49)
==26701== by 0x40D593A: yarrow_gate_locked (yarrow.c:578)
==26701== by 0x40D5349: krb5int_yarrow_output_Block (yarrow.c:423)
==26701== by 0x40D581B: yarrow_output_locked (yarrow.c:553)
==26701== by 0x40D5667: krb5int_yarrow_output (yarrow.c:513)
==26701== by 0x40EBD2D: krb5_c_random_make_octets (prng.c:112)
==26701== by 0x40D4119: krb5int_old_encrypt (old_aead.c:97)
==26701== by 0x40E9696: krb5_k_encrypt_iov (encrypt_iov.c:42)
==26701== by 0x8049554: main (t_encrypt.c:206)
==26701==
ticket: 6625
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23609
dc483132-0cff-0310-8789-
dd5450dbe970
ctx->key = NULL;
keyblock.contents = malloc(keylength);
keyblock.length = keylength;
+ keyblock.enctype = yarrow_enc_type;
if (keyblock.contents == NULL)
return (YARROW_NOMEM);
randombits.data = (char *) key;
*/
#define yarrow_enc_provider krb5int_enc_aes256
+#define yarrow_enc_type ENCTYPE_AES256_CTS_HMAC_SHA1_96
#define CIPHER_BLOCK_SIZE 16
#define CIPHER_KEY_SIZE 32