From 68e38d3270f3b03af8165e8e864083f1f2b06313 Mon Sep 17 00:00:00 2001 From: John Kohl Date: Fri, 18 May 1990 10:47:32 +0000 Subject: [PATCH] add padding area, and zero it (for encryption functions) git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@885 dc483132-0cff-0310-8789-dd5450dbe970 --- src/lib/krb5/krb/encode_kdc.c | 10 +++++++++- src/lib/krb5/krb/encrypt_tk.c | 10 +++++++++- src/lib/krb5/krb/mk_priv.c | 10 +++++++++- src/lib/krb5/krb/mk_req_ext.c | 10 ++++++++++ 4 files changed, 37 insertions(+), 3 deletions(-) diff --git a/src/lib/krb5/krb/encode_kdc.c b/src/lib/krb5/krb/encode_kdc.c index 89cd913b2..3d4df5403 100644 --- a/src/lib/krb5/krb/encode_kdc.c +++ b/src/lib/krb5/krb/encode_kdc.c @@ -74,7 +74,15 @@ OLDDECLARG(krb5_data **, enc_rep) eblock.crypto_entry = krb5_csarray[dec_rep->etype]->system; dec_rep->enc_part.length = krb5_encrypt_size(scratch->length, - eblock.crypto_entry); + eblock.crypto_entry); + /* add padding area, and zero it */ + if (!(scratch->data = realloc(scratch->data, dec_rep->enc_part.length))) { + /* may destroy scratch->data */ + xfree(scratch); + return ENOMEM; + } + bzero(scratch->data + scratch->length, + dec_rep->enc_part.length - scratch->length); if (!(dec_rep->enc_part.data = malloc(dec_rep->enc_part.length))) { retval = ENOMEM; goto clean_scratch; diff --git a/src/lib/krb5/krb/encrypt_tk.c b/src/lib/krb5/krb/encrypt_tk.c index 813afe810..f1aafbcde 100644 --- a/src/lib/krb5/krb/encrypt_tk.c +++ b/src/lib/krb5/krb/encrypt_tk.c @@ -61,7 +61,15 @@ register krb5_ticket *dec_ticket; eblock.crypto_entry = krb5_csarray[dec_ticket->etype]->system; dec_ticket->enc_part.length = krb5_encrypt_size(scratch->length, - eblock.crypto_entry); + eblock.crypto_entry); + /* add padding area, and zero it */ + if (!(scratch->data = realloc(scratch->data, dec_ticket->enc_part.length))) { + /* may destroy scratch->data */ + xfree(scratch); + return ENOMEM; + } + bzero(scratch->data + scratch->length, + dec_ticket->enc_part.length - scratch->length); if (!(dec_ticket->enc_part.data = malloc(dec_ticket->enc_part.length))) { retval = ENOMEM; goto clean_scratch; diff --git a/src/lib/krb5/krb/mk_priv.c b/src/lib/krb5/krb/mk_priv.c index c6359d4bf..c46648b77 100644 --- a/src/lib/krb5/krb/mk_priv.c +++ b/src/lib/krb5/krb/mk_priv.c @@ -90,7 +90,15 @@ OLDDECLARG(krb5_data *, outbuf) eblock.crypto_entry = krb5_csarray[etype]->system; privmsg.enc_part.length = krb5_encrypt_size(scratch->length, - eblock.crypto_entry); + eblock.crypto_entry); + /* add padding area, and zero it */ + if (!(scratch->data = realloc(scratch->data, privmsg.enc_part.length))) { + /* may destroy scratch->data */ + xfree(scratch); + return ENOMEM; + } + bzero(scratch->data + scratch->length, + privmsg.enc_part.length - scratch->length); if (!(privmsg.enc_part.data = malloc(privmsg.enc_part.length))) { retval = ENOMEM; goto clean_scratch; diff --git a/src/lib/krb5/krb/mk_req_ext.c b/src/lib/krb5/krb/mk_req_ext.c index d65f52914..f0a124af6 100644 --- a/src/lib/krb5/krb/mk_req_ext.c +++ b/src/lib/krb5/krb/mk_req_ext.c @@ -123,6 +123,15 @@ krb5_data *outbuf; eblock.crypto_entry = krb5_csarray[etype]->system; request.authenticator.length = krb5_encrypt_size(scratch->length, eblock.crypto_entry); + /* add padding area, and zero it */ + if (!(scratch->data = realloc(scratch->data, request.authenticator.length))) { + /* may destroy scratch->data */ + xfree(scratch); + retval = ENOMEM; + goto clean_ticket; + } + bzero(scratch->data + scratch->length, + request.authenticator.length - scratch->length); if (!(request.authenticator.data = malloc(request.authenticator.length))) { retval = ENOMEM; goto clean_scratch; @@ -168,6 +177,7 @@ krb5_data *outbuf; cleanup_encpart(); clean_scratch: cleanup_scratch(); + clean_ticket: cleanup_ticket(); return retval; -- 2.26.2