From: Ken Raeburn <raeburn@mit.edu>
Date: Sun, 13 Apr 2003 11:18:42 +0000 (+0000)
Subject: Avoid really, really huge cpu time usage caused by iteration count in
X-Git-Tag: krb5-1.4-beta1~1017
X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=e01da4059775fdc4778b32a820a94904a6483f7c;p=krb5.git

Avoid really, really huge cpu time usage caused by iteration count in
spoofed preauth data.  (Merely huge cpu time usage is probably still
possible.)

* aes_s2k.c (krb5int_aes_string_to_key): Return an error if the supplied
iteration count is really, really large.

ticket: 1418
status: open

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15349 dc483132-0cff-0310-8789-dd5450dbe970
---

diff --git a/src/lib/crypto/aes/ChangeLog b/src/lib/crypto/aes/ChangeLog
index 443aabdd9..3af490304 100644
--- a/src/lib/crypto/aes/ChangeLog
+++ b/src/lib/crypto/aes/ChangeLog
@@ -1,3 +1,8 @@
+2003-04-13  Ken Raeburn  <raeburn@mit.edu>
+
+	* aes_s2k.c (krb5int_aes_string_to_key): Return an error if the
+	supplied iteration count is really, really large.
+
 2003-03-04  Ken Raeburn  <raeburn@mit.edu>
 
 	* aes_s2k.c, aes_s2k.h: New files.
diff --git a/src/lib/crypto/aes/aes_s2k.c b/src/lib/crypto/aes/aes_s2k.c
index f3670d7d8..6ea286900 100644
--- a/src/lib/crypto/aes/aes_s2k.c
+++ b/src/lib/crypto/aes/aes_s2k.c
@@ -29,6 +29,12 @@ krb5int_aes_string_to_key(const struct krb5_enc_provider *enc,
     } else
 	iter_count = 0xb000L;
 
+    /* This is not a protocol specification constraint; this is an
+       implementation limit, which should eventually be controlled by
+       a config file.  */
+    if (iter_count >= 0x1000000L)
+	return KRB5_ERR_BAD_S2K_PARAMS;
+
     /*
      * Dense key space, no parity bits or anything, so take a shortcut
      * and use the key contents buffer for the generated bytes.