From 8fdbf75a1337fadfbea0910e812879fd069a5e68 Mon Sep 17 00:00:00 2001 From: Richard Basch Date: Wed, 15 May 1996 01:00:03 +0000 Subject: [PATCH] * md4crypto.c md4glue.c: ensure the cksum content length is sufficient git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8024 dc483132-0cff-0310-8789-dd5450dbe970 --- src/lib/crypto/md4/ChangeLog | 5 +++++ src/lib/crypto/md4/md4crypto.c | 4 +++- src/lib/crypto/md4/md4glue.c | 3 +++ 3 files changed, 11 insertions(+), 1 deletion(-) diff --git a/src/lib/crypto/md4/ChangeLog b/src/lib/crypto/md4/ChangeLog index f6b0c97a4..06783a21d 100644 --- a/src/lib/crypto/md4/ChangeLog +++ b/src/lib/crypto/md4/ChangeLog @@ -1,3 +1,8 @@ +Tue May 14 19:31:58 1996 Richard Basch + + * md4crypto.c md4glue.c: + ensure the cksum content length is sufficient + Fri Apr 12 21:38:33 1996 Richard Basch * md4driver.c md4glue.c md4.c rsa-md4.h md4crypto.c: diff --git a/src/lib/crypto/md4/md4crypto.c b/src/lib/crypto/md4/md4crypto.c index 7d908e0e5..b6c2f9473 100644 --- a/src/lib/crypto/md4/md4crypto.c +++ b/src/lib/crypto/md4/md4crypto.c @@ -85,9 +85,11 @@ krb5_checksum FAR *outcksum; krb5_encrypt_block eblock; krb5_keyblock keyblock; krb5_error_code retval; - krb5_MD4_CTX working; + if (outcksum->length < RSA_MD4_DES_CKSUM_LENGTH) + return KRB5_BAD_MSIZE; + krb5_MD4Init(&working); krb5_MD4Update(&working, input, in_length); krb5_MD4Final(&working); diff --git a/src/lib/crypto/md4/md4glue.c b/src/lib/crypto/md4/md4glue.c index 5edbd1514..df33c8a23 100644 --- a/src/lib/crypto/md4/md4glue.c +++ b/src/lib/crypto/md4/md4glue.c @@ -47,6 +47,9 @@ krb5_checksum FAR *outcksum; krb5_octet *input = (krb5_octet *)in; krb5_MD4_CTX working; + if (outcksum->length < RSA_MD4_CKSUM_LENGTH) + return KRB5_BAD_MSIZE; + krb5_MD4Init(&working); krb5_MD4Update(&working, input, in_length); krb5_MD4Final(&working); -- 2.26.2