From 8bf03064e30cc9d01a3c2177e8cd13a65b248a6c Mon Sep 17 00:00:00 2001
From: Alexandra Ellwood <lxs@mit.edu>
Date: Wed, 13 Aug 2008 19:49:50 +0000
Subject: [PATCH] Use a valid UTF8 password for randkey password

KfM RC4 string to key function expects password to be valid UTF8

ticket: new

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20650 dc483132-0cff-0310-8789-dd5450dbe970
---
 src/kadmin/cli/kadmin.c              | 14 +++++++++-----
 src/lib/crypto/arcfour/arcfour_s2k.c |  8 +++++---
 2 files changed, 14 insertions(+), 8 deletions(-)

diff --git a/src/kadmin/cli/kadmin.c b/src/kadmin/cli/kadmin.c
index 02394e7f0..897787255 100644
--- a/src/kadmin/cli/kadmin.c
+++ b/src/kadmin/cli/kadmin.c
@@ -1170,16 +1170,20 @@ void kadmin_addprinc(argc, argv)
     krb5_key_salt_tuple *ks_tuple;
     char *pass, *canon;
     krb5_error_code retval;
-    static char newpw[1024], dummybuf[256];
+    char newpw[1024], dummybuf[256];
     static char prompt1[1024], prompt2[1024];
 #if APPLE_PKINIT
     char *cert_hash = NULL;
 #endif /* APPLE_PKINIT */
 
-    if (dummybuf[0] == 0) {
-	for (i = 0; i < 256; i++)
-	    dummybuf[i] = (i+1) % 256;
-    }
+    /* 
+       dummybuf is used to give random key a password,
+       random key entires are created with DISALLOW_ALL_TIX
+       so lets give them a known password utf8 valid pasword
+    */
+    for (i = 0; i < sizeof(dummybuf) - 1; i++)
+ 	dummybuf[i] = 'a' + (random() % 25);
+    dummybuf[sizeof(dummybuf) - 1] = '\0';
 
     /* Zero all fields in request structure */
     memset(&princ, 0, sizeof(princ));
diff --git a/src/lib/crypto/arcfour/arcfour_s2k.c b/src/lib/crypto/arcfour/arcfour_s2k.c
index 69872fc22..75bdd2a09 100644
--- a/src/lib/crypto/arcfour/arcfour_s2k.c
+++ b/src/lib/crypto/arcfour/arcfour_s2k.c
@@ -55,7 +55,7 @@ krb5int_arcfour_string_to_key(const struct krb5_enc_provider *enc,
 			      const krb5_data *params, krb5_keyblock *key)
 {
   krb5_error_code err = 0;
-  size_t len,slen;
+  size_t len;
   unsigned char *copystr;
   krb5_MD4_CTX md4_context;
 
@@ -71,8 +71,10 @@ krb5int_arcfour_string_to_key(const struct krb5_enc_provider *enc,
      Since the password must be stored in unicode, we need to increase
      that number by 2x.
   */
-  slen = ((string->length)>128)?128:string->length;
-  len=(slen)*2;
+  if (string->length > (SIZE_MAX/2))
+      return (KRB5_BAD_MSIZE);
+
+  len= string->length * 2;
 
   copystr = malloc(len);
   if (copystr == NULL)
-- 
2.26.2