[src/netbsd-1-6]: src/crypto/dist/heimdal/kadmin pullup 1.1.1.4->1.2 revision...

[perry <perry%NetBSD.org@localhost>]

details:   https://anonhg.NetBSD.org/src/rev/d37a870a5e47
branches:  netbsd-1-6
changeset: 529181:d37a870a5e47
user:      perry <perry%NetBSD.org@localhost>
date:      Mon Oct 21 20:16:16 2002 +0000

description:
pullup 1.1.1.4->1.2 revision as requested by joda%pdc.kth.se@localhost
(Johan Danielsson) in releng 1.6 ticket 936.

diffstat:

 crypto/dist/heimdal/kadmin/version4.c |  9 ++++++++-
 1 files changed, 8 insertions(+), 1 deletions(-)

diffs (26 lines):

diff -r ca96f51c3050 -r d37a870a5e47 crypto/dist/heimdal/kadmin/version4.c
--- a/crypto/dist/heimdal/kadmin/version4.c     Mon Oct 21 02:30:14 2002 +0000
+++ b/crypto/dist/heimdal/kadmin/version4.c     Mon Oct 21 20:16:16 2002 +0000
@@ -41,7 +41,7 @@
 #include <krb_err.h>
 #include <kadm_err.h>
 
-RCSID("$Id: version4.c,v 1.1.1.3 2001/02/11 13:51:33 assar Exp $");
+RCSID("$Id: version4.c,v 1.1.1.3.2.1 2002/10/21 20:16:16 perry Exp $");
 
 #define KADM_NO_OPCODE -1
 #define KADM_NO_ENCRYPT -2
@@ -822,6 +822,13 @@
     off += _krb5_get_int(msg + off, &rlen, 4);
     memset(&authent, 0, sizeof(authent));
     authent.length = message.length - rlen - KADM_VERSIZE - 4;
+
+    if(authent.length >= MAX_KTXT_LEN) {
+       krb5_warnx(context, "received bad rlen (%lu)", (unsigned long)rlen);
+       make_you_loose_packet (KADM_LENGTH_ERROR, reply);
+       return;
+    }
+
     memcpy(authent.dat, (char*)msg + off, authent.length);
     off += authent.length;