[krbdev.mit.edu #7643] git commit
Greg Hudson via RT
rt-comment at krbdev.mit.edu
Mon May 27 13:05:21 EDT 2013
Fix rc4 string-to-key on unterminated inputs
The internal UTF-8 to UCS-2 conversion functions did not properly
respect their length arguments, instead assuming that the input string
is terminated with a zero bytes. As a result,
krb5int_arcfour_string_to_key could fail on unterminated inputs. Fix
the underlying support functions to read their inputs only up to the
specified length.
https://github.com/krb5/krb5/commit/1e123231769fe640f446442cb210664d280ccbac
Author: Greg Hudson <ghudson at mit.edu>
Commit: 1e123231769fe640f446442cb210664d280ccbac
Branch: master
src/util/support/utf8_conv.c | 36 ++++++++++++++++++++----------------
1 files changed, 20 insertions(+), 16 deletions(-)
More information about the krb5-bugs
mailing list