Handle invalid RFC 1964 tokens [CVE-2014-4341...]

Handle invalid RFC 1964 tokens [CVE-2014-4341...]

Detect the following cases which would otherwise cause invalid memory
accesses and/or integer underflow:

* An RFC 1964 token being processed by an RFC 4121-only context
  [CVE-2014-4342]

* A header with fewer than 22 bytes after the token ID or an
  incomplete checksum [CVE-2014-4341 CVE-2014-4342]

* A ciphertext shorter than the confounder [CVE-2014-4341]

* A declared padding length longer than the plaintext [CVE-2014-4341]

If we detect a bad pad byte, continue on to compute the checksum to
avoid creating a padding oracle, but treat the checksum as invalid
even if it compares equal.

CVE-2014-4341:

In MIT krb5, an unauthenticated remote attacker with the ability to
inject packets into a legitimately established GSSAPI application
session can cause a program crash due to invalid memory references
when attempting to read beyond the end of a buffer.

    CVSSv2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P/E:POC/RL:OF/RC:C

CVE-2014-4342:

In MIT krb5 releases krb5-1.7 and later, an unauthenticated remote
attacker with the ability to inject packets into a legitimately
established GSSAPI application session can cause a program crash due
to invalid memory references when reading beyond the end of a buffer
or by causing a null pointer dereference.

    CVSSv2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P/E:POC/RL:OF/RC:C

[tlyu@mit.edu: CVE summaries, CVSS]

ticket: 7949 (new)
subject: Handle invalid RFC 1964 tokens [CVE-2014-4341 CVE-2014-4342]
taget_version: 1.12.2
tags: pullup