From: Greg Hudson Date: Thu, 13 May 2010 18:58:43 +0000 (+0000) Subject: Negative enctypes improperly read from ccaches X-Git-Tag: krb5-1.9-beta1~236 X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=c0cd63413841b3b85e0f70c6949322cc6299afb5;p=krb5.git Negative enctypes improperly read from ccaches When reading enctypes from ccaches, we need to sign-extend the 16-bit value we read in order to properly read negative enctypes. ticket: 6723 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24021 dc483132-0cff-0310-8789-dd5450dbe970 --- diff --git a/src/lib/krb5/ccache/cc_file.c b/src/lib/krb5/ccache/cc_file.c index 6af5afcd0..0dce7686e 100644 --- a/src/lib/krb5/ccache/cc_file.c +++ b/src/lib/krb5/ccache/cc_file.c @@ -595,8 +595,9 @@ krb5_fcc_read_keyblock(krb5_context context, krb5_ccache id, krb5_keyblock *keyb keyblock->magic = KV5M_KEYBLOCK; keyblock->contents = 0; + /* Enctype is signed, so sign-extend the 16-bit value we read. */ kret = krb5_fcc_read_ui_2(context, id, &ui2); - keyblock->enctype = ui2; + keyblock->enctype = (krb5_int16) ui2; CHECK(kret); if (data->version == KRB5_FCC_FVNO_3) { /* This works because the old etype is the same as the new enctype. */