[krbdev.mit.edu #2266] wrap_size_limit broken for CFX
Ken Raeburn via RT
rt-comment at krbdev.mit.edu
Mon Feb 23 16:22:29 EST 2004
Well, I'm still not seeing the off-by-one issue, for some reason, but
this version of the code seems to get the right answer (including your
example of 1076 -> 1016), so I'll be checking it in. Thanks for
catching this.
Ken
while (sz > 0 && krb5_encrypt_size(sz, ctx->enc->enctype) + 16 > req_output_size)
sz--;
/* Allow for encrypted copy of header. */
if (sz > 16)
sz -= 16;
else
sz = 0;
#ifdef CFX_EXERCISE
/* Allow for EC padding. In the MIT implementation, only
added while testing. */
if (sz > 65535)
sz -= 65535;
else
sz = 0;
#endif
More information about the krb5-bugs
mailing list