From 1487a085f13a51e55f6a346338f8f3c002516613 Mon Sep 17 00:00:00 2001 From: John Kohl Date: Tue, 17 Apr 1990 17:39:53 +0000 Subject: [PATCH] check msg type before decoding git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@483 dc483132-0cff-0310-8789-dd5450dbe970 --- src/lib/krb5/krb/decode_kdc.c | 2 ++ src/lib/krb5/krb/gc_via_tgt.c | 6 +++++- src/lib/krb5/krb/rd_priv.c | 2 ++ src/lib/krb5/krb/rd_req.c | 2 ++ src/lib/krb5/krb/rd_safe.c | 3 +++ 5 files changed, 14 insertions(+), 1 deletion(-) diff --git a/src/lib/krb5/krb/decode_kdc.c b/src/lib/krb5/krb/decode_kdc.c index b30d23330..f01600c5b 100644 --- a/src/lib/krb5/krb/decode_kdc.c +++ b/src/lib/krb5/krb/decode_kdc.c @@ -54,6 +54,8 @@ OLDDECLARG(krb5_kdc_rep **, dec_rep) /* XXX maybe caller should specify type expected? */ + if (!krb5_is_kdc_rep(enc_rep)) + return KRB5KRB_AP_ERR_MSG_TYPE; retval = decode_krb5_as_rep(enc_rep, &local_dec_rep); switch (retval) { case ISODE_50_LOCAL_ERR_BADMSGTYPE: diff --git a/src/lib/krb5/krb/gc_via_tgt.c b/src/lib/krb5/krb/gc_via_tgt.c index fef01b432..3152ca7bd 100644 --- a/src/lib/krb5/krb/gc_via_tgt.c +++ b/src/lib/krb5/krb/gc_via_tgt.c @@ -81,7 +81,11 @@ OLDDECLARG(krb5_creds *, cred) break; case KRB5_ERROR: default: - if (decode_krb5_error(&tgsrep.response, &err_reply)) { + if (!krb5_is_krb_error(&tgsrep.response)) { + retval = KRB5KRB_AP_ERR_MSG_TYPE; + } else + retval = decode_krb5_error(&tgsrep.response, &err_reply); + if (retval) { cleanup(); return retval; /* neither proper reply nor error! */ } diff --git a/src/lib/krb5/krb/rd_priv.c b/src/lib/krb5/krb/rd_priv.c index 037f15f36..31e06d87b 100644 --- a/src/lib/krb5/krb/rd_priv.c +++ b/src/lib/krb5/krb/rd_priv.c @@ -49,6 +49,8 @@ OLDDECLARG(krb5_data *, outbuf) krb5_timestamp currenttime; krb5_ui_2 computed_direction; + if (!krb5_is_krb_priv(inbuf)) + return KRB5KRB_AP_ERR_MSG_TYPE; /* decode private message */ if (retval = decode_krb5_priv(inbuf, &privmsg)) { return retval; diff --git a/src/lib/krb5/krb/rd_req.c b/src/lib/krb5/krb/rd_req.c index 8908d4be5..1dc153095 100644 --- a/src/lib/krb5/krb/rd_req.c +++ b/src/lib/krb5/krb/rd_req.c @@ -65,6 +65,8 @@ krb5_tkt_authent *authdat; krb5_error_code retval; krb5_ap_req *request; + if (!krb5_is_ap_req(inbuf)) + return KRB5KRB_AP_ERR_MSG_TYPE; if (retval = decode_krb5_ap_req(inbuf, &request)) { switch (retval) { case ISODE_50_LOCAL_ERR_BADMSGTYPE: diff --git a/src/lib/krb5/krb/rd_safe.c b/src/lib/krb5/krb/rd_safe.c index 4864cc2b3..0154e5cf2 100644 --- a/src/lib/krb5/krb/rd_safe.c +++ b/src/lib/krb5/krb/rd_safe.c @@ -56,6 +56,9 @@ krb5_data *outbuf; krb5_data *scratch; krb5_timestamp currenttime; + if (!krb5_is_krb_safe(inbuf)) + return KRB5KRB_AP_ERR_MSG_TYPE; + if (retval = decode_krb5_safe(inbuf, &message)) return retval; -- 2.26.2