svn rev #24305: branches/nss/src/lib/crypto/nss/des/
ghudson@MIT.EDU
ghudson at MIT.EDU
Sat Sep 11 12:57:59 EDT 2010
http://src.mit.edu/fisheye/changelog/krb5/?cs=24305
Commit By: ghudson
Log Message:
In the NSS mit_des_string_to_key_int, zero out pbe_params before
filling it in, to avoid passing uninitialized fields to
PK11_RawPBEKeyGen.
Changed Files:
U branches/nss/src/lib/crypto/nss/des/string2key.c
Modified: branches/nss/src/lib/crypto/nss/des/string2key.c
===================================================================
--- branches/nss/src/lib/crypto/nss/des/string2key.c 2010-09-09 15:54:32 UTC (rev 24304)
+++ branches/nss/src/lib/crypto/nss/des/string2key.c 2010-09-11 16:57:59 UTC (rev 24305)
@@ -54,6 +54,7 @@
pwItem.data = (unsigned char *)pw->data;
pwItem.len = pw->length;
+ memset(&pbe_params, 0, sizeof(pbe_params));
pbe_params.pSalt = (unsigned char *)salt->data;
pbe_params.ulSaltLen = salt->length;
pbe_params.ulIteration = 1;
More information about the cvs-krb5
mailing list