From: Greg Hudson <ghudson@mit.edu>
Date: Tue, 8 Dec 2015 04:59:31 +0000 (-0500)
Subject: Fix FILE ccache negative enctype unmarshalling
X-Git-Tag: krb5-1.15-beta1~325
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=a585d20701aa7bfcbdc2fe6999d8477c7aa01c3c;p=thirdparty%2Fkrb5.git

Fix FILE ccache negative enctype unmarshalling

Commit b99c7c79dee33de966c8bed02ac79439989f6f99 broke the
unmarshalling of negative enctype values from FILE ccaches.  Fix it by
sign-extending the 16-bit enctype value in unmarshal_keyblock().
---

diff --git a/src/lib/krb5/ccache/ccmarshal.c b/src/lib/krb5/ccache/ccmarshal.c
index 40eb6a8562..bd6d309d1d 100644
--- a/src/lib/krb5/ccache/ccmarshal.c
+++ b/src/lib/krb5/ccache/ccmarshal.c
@@ -198,7 +198,8 @@ unmarshal_keyblock(struct k5input *in, int version, krb5_keyblock *kb)
 {
     memset(kb, 0, sizeof(*kb));
     kb->magic = KV5M_KEYBLOCK;
-    kb->enctype = get16(in, version);
+    /* enctypes can be negative, so sign-extend the 16-bit result. */
+    kb->enctype = (int16_t)get16(in, version);
     /* Version 3 stores the enctype twice. */
     if (version == 3)
         (void)get16(in, version);