From e01da4059775fdc4778b32a820a94904a6483f7c Mon Sep 17 00:00:00 2001 From: Ken Raeburn Date: Sun, 13 Apr 2003 11:18:42 +0000 Subject: [PATCH] Avoid really, really huge cpu time usage caused by iteration count in spoofed preauth data. (Merely huge cpu time usage is probably still possible.) * aes_s2k.c (krb5int_aes_string_to_key): Return an error if the supplied iteration count is really, really large. ticket: 1418 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15349 dc483132-0cff-0310-8789-dd5450dbe970 --- src/lib/crypto/aes/ChangeLog | 5 +++++ src/lib/crypto/aes/aes_s2k.c | 6 ++++++ 2 files changed, 11 insertions(+) diff --git a/src/lib/crypto/aes/ChangeLog b/src/lib/crypto/aes/ChangeLog index 443aabdd9..3af490304 100644 --- a/src/lib/crypto/aes/ChangeLog +++ b/src/lib/crypto/aes/ChangeLog @@ -1,3 +1,8 @@ +2003-04-13 Ken Raeburn + + * aes_s2k.c (krb5int_aes_string_to_key): Return an error if the + supplied iteration count is really, really large. + 2003-03-04 Ken Raeburn * aes_s2k.c, aes_s2k.h: New files. diff --git a/src/lib/crypto/aes/aes_s2k.c b/src/lib/crypto/aes/aes_s2k.c index f3670d7d8..6ea286900 100644 --- a/src/lib/crypto/aes/aes_s2k.c +++ b/src/lib/crypto/aes/aes_s2k.c @@ -29,6 +29,12 @@ krb5int_aes_string_to_key(const struct krb5_enc_provider *enc, } else iter_count = 0xb000L; + /* This is not a protocol specification constraint; this is an + implementation limit, which should eventually be controlled by + a config file. */ + if (iter_count >= 0x1000000L) + return KRB5_ERR_BAD_S2K_PARAMS; + /* * Dense key space, no parity bits or anything, so take a shortcut * and use the key contents buffer for the generated bytes. -- 2.26.2