bug with SGN_ALG_MD2_5 case handling in kg_unseal_v1()?
Will Fiveash
will.fiveash at oracle.com
Fri Apr 14 15:18:13 EDT 2017
On Thu, Apr 13, 2017 at 08:09:23PM -0500, Benjamin Kaduk wrote:
> On Thu, Apr 13, 2017 at 02:55:56PM -0500, Will Fiveash wrote:
> > In src/lib/gssapi/krb5/k5unseal.c:kg_unseal_v1() at line 381 which is
> > part of the case SGN_ALG_MD2_5 block I see:
> >
> > code = k5_bcmp(md5cksum.contents, ptr + 14, 8);
> > /* Falls through to defective-token?? */
> >
> > default:
> > *minor_status = 0;
> > return(GSS_S_DEFECTIVE_TOKEN);
> >
> > This seems like a bug given the processing that precedes this, thoughts?
>
> Perhaps. On the other hand, how much do you trust anything with MD2
> in its name...
Indeed.
--
Will Fiveash
Oracle Solaris Software Engineer
More information about the krbdev
mailing list