From: Michael R Sweet Date: Wed, 14 Nov 2018 14:09:33 +0000 (-0500) Subject: Fix potential truncation of Kerberos credentials (Issue #5435) X-Git-Tag: v2.3b6~32 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=ef2f369c0c8cce01420c036d9cf122621085c4a0;p=thirdparty%2Fcups.git Fix potential truncation of Kerberos credentials (Issue #5435) --- diff --git a/CHANGES.md b/CHANGES.md index 6c04aeb5af..fe382cef11 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -1,4 +1,4 @@ -CHANGES - 2.3b6 - 2018-11-08 +CHANGES - 2.3b6 - 2018-11-14 ============================ Changes in CUPS v2.3b6 @@ -37,6 +37,7 @@ Changes in CUPS v2.3b6 CloseUI/JCLCloseUI keywords (Issue #5381) - The scheduler now reports the actual location of the log file (Issue #5398) - Added a USB quirk rule (Issue #5420) +- Kerberos credentials might be truncated (Issue #5435) - The scheduler was being backgrounded on macOS, causing applications to spin (rdar://40436080) - The scheduler did not validate that required initial request attributes were diff --git a/cups/auth.c b/cups/auth.c index 4c509bbc71..0a490948c8 100644 --- a/cups/auth.c +++ b/cups/auth.c @@ -442,7 +442,7 @@ _cupsSetNegotiateAuthString( */ int authsize = 10 + /* "Negotiate " */ - (int)output_token.length * 4 / 3 + 1 + 1; + (int)((output_token.length * 4 / 3 + 3) & ~3) + 1; /* Base64 + nul */ httpSetAuthString(http, NULL, NULL);
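Review bot: In the cups/auth.c hunk, the new `authsize` expression still narrows the Base64 length to `int` through the `(int)` cast, and the visible lines show no upper bound on `output_token.length`, so an oversized token could produce a wrong or negative buffer size. Check the token length against a sane maximum before sizing the buffer. The rounding itself is correct: 4 output bytes per 3 input bytes, rounded up to a multiple of 4, plus the nul. However, `((output_token.length + 2) / 3) * 4` states that intent more directly than the `+ 3) & ~3` mask and keeps the signed `~3` constant out of the length arithmetic. The trailing comment could also record that the old `* 4 / 3 + 1 + 1` form undercounted whenever the token length was not a multiple of 3, since that is the reason for the change.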
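Review bot: In the second CHANGES.md hunk, the added entry "Kerberos credentials might be truncated (Issue #5435)" does not say where the truncation happened, which makes it hard to judge exposure from the changelog alone. The code change is in `_cupsSetNegotiateAuthString`, so something like "Kerberos credentials in the Negotiate authorization string might be truncated (Issue #5435)" would point readers at the affected path while keeping the style of the neighbouring entries.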