From c0cd63413841b3b85e0f70c6949322cc6299afb5 Mon Sep 17 00:00:00 2001 From: Greg Hudson Date: Thu, 13 May 2010 18:58:43 +0000 Subject: [PATCH] Negative enctypes improperly read from ccaches When reading enctypes from ccaches, we need to sign-extend the 16-bit value we read in order to properly read negative enctypes. ticket: 6723 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24021 dc483132-0cff-0310-8789-dd5450dbe970 --- src/lib/krb5/ccache/cc_file.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/lib/krb5/ccache/cc_file.c b/src/lib/krb5/ccache/cc_file.c index 6af5afcd0..0dce7686e 100644 --- a/src/lib/krb5/ccache/cc_file.c +++ b/src/lib/krb5/ccache/cc_file.c @@ -595,8 +595,9 @@ krb5_fcc_read_keyblock(krb5_context context, krb5_ccache id, krb5_keyblock *keyb keyblock->magic = KV5M_KEYBLOCK; keyblock->contents = 0; + /* Enctype is signed, so sign-extend the 16-bit value we read. */ kret = krb5_fcc_read_ui_2(context, id, &ui2); - keyblock->enctype = ui2; + keyblock->enctype = (krb5_int16) ui2; CHECK(kret); if (data->version == KRB5_FCC_FVNO_3) { /* This works because the old etype is the same as the new enctype. */ -- 2.26.2