36 lines
1003 B
Diff
36 lines
1003 B
Diff
diff -Naur a/src/lib/kadm5/kadm_rpc_xdr.c b/src/lib/kadm5/kadm_rpc_xdr.c
|
|
--- a/src/lib/kadm5/kadm_rpc_xdr.c 2023-09-01 16:16:12.843658117 +0800
|
|
+++ b/src/lib/kadm5/kadm_rpc_xdr.c 2023-09-01 16:12:03.704811364 +0800
|
|
@@ -390,6 +390,7 @@
|
|
int v)
|
|
{
|
|
unsigned int n;
|
|
+ bool_t r;
|
|
|
|
if (!xdr_krb5_principal(xdrs, &objp->principal)) {
|
|
return (FALSE);
|
|
@@ -443,6 +444,9 @@
|
|
if (!xdr_krb5_int16(xdrs, &objp->n_key_data)) {
|
|
return (FALSE);
|
|
}
|
|
+ if (xdrs->x_op == XDR_DECODE && objp->n_key_data < 0) {
|
|
+ return (FALSE);
|
|
+ }
|
|
if (!xdr_krb5_int16(xdrs, &objp->n_tl_data)) {
|
|
return (FALSE);
|
|
}
|
|
@@ -451,9 +455,10 @@
|
|
return FALSE;
|
|
}
|
|
n = objp->n_key_data;
|
|
- if (!xdr_array(xdrs, (caddr_t *) &objp->key_data,
|
|
- &n, ~0, sizeof(krb5_key_data),
|
|
- xdr_krb5_key_data_nocontents)) {
|
|
+ r = xdr_array(xdrs, (caddr_t *) &objp->key_data, &n, objp->n_key_data,
|
|
+ sizeof(krb5_key_data), xdr_krb5_key_data_nocontents);
|
|
+ objp->n_key_data = n;
|
|
+ if (!r) {
|
|
return (FALSE);
|
|
}
|
|
|