[19571] in Kerberos_V5_Development
Re: bug with SGN_ALG_MD2_5 case handling in kg_unseal_v1()?
daemon@ATHENA.MIT.EDU (Benjamin Kaduk)
Thu Apr 13 21:09:40 2017
Date: Thu, 13 Apr 2017 20:09:23 -0500
From: Benjamin Kaduk <kaduk@mit.edu>
To: MIT Kerberos Dev List <krbdev@mit.edu>
Message-ID: <20170414010922.GI30306@kduck.kaduk.org>
MIME-Version: 1.0
Content-Disposition: inline
In-Reply-To: <20170413195556.GA28286@oracle.com>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: krbdev-bounces@mit.edu
On Thu, Apr 13, 2017 at 02:55:56PM -0500, Will Fiveash wrote:
> In src/lib/gssapi/krb5/k5unseal.c:kg_unseal_v1() at line 381 which is
> part of the case SGN_ALG_MD2_5 block I see:
>
> code = k5_bcmp(md5cksum.contents, ptr + 14, 8);
> /* Falls through to defective-token?? */
>
> default:
> *minor_status = 0;
> return(GSS_S_DEFECTIVE_TOKEN);
>
> This seems like a bug given the processing that precedes this, thoughts?
Perhaps. On the other hand, how much do you trust anything with MD2
in its name...
-Ben
_______________________________________________
krbdev mailing list krbdev@mit.edu
https://mailman.mit.edu/mailman/listinfo/krbdev