Use k5_ser_unpack_len() to simplify code 1509/head
authorGreg Hudson <ghudson@mit.edu>
Thu, 14 May 2026 02:44:48 +0000 (22:44 -0400)
committerGreg Hudson <ghudson@mit.edu>
Sat, 16 May 2026 22:06:07 +0000 (18:06 -0400)
Export k5_ser_unpack_len() as a private symbol and use it in GSS
context serialization.  Use it in libkrb5 to replace existing bounds
checks.

src/lib/gssapi/krb5/ser_sctx.c
src/lib/krb5/krb/ai_authdata.c
src/lib/krb5/krb/authdata.c
src/lib/krb5_32.def
src/plugins/authdata/greet_client/greet.c

index 2e82be903db2e4464453440fa5664d0fd6941c5a..0c18f37b78071a58567978b6817223f5fc607ca0 100644 (file)
@@ -65,7 +65,7 @@ kg_oid_internalize(gss_OID *argp, krb5_octet **buffer, size_t *lenremain)
     gss_OID oid;
     krb5_int32 ibuf;
     krb5_octet         *bp;
-    size_t             remain;
+    size_t             remain, len;
 
     bp = *buffer;
     remain = *lenremain;
@@ -80,16 +80,12 @@ kg_oid_internalize(gss_OID *argp, krb5_octet **buffer, size_t *lenremain)
     oid = (gss_OID) malloc(sizeof(gss_OID_desc));
     if (oid == NULL)
         return ENOMEM;
-    if (krb5_ser_unpack_int32(&ibuf, &bp, &remain)) {
-        free(oid);
-        return EINVAL;
-    }
-    if (ibuf < 0 || (size_t)ibuf > remain) {
+    if (k5_ser_unpack_len(&len, &bp, &remain)) {
         free(oid);
         return EINVAL;
     }
-    oid->length = ibuf;
-    oid->elements = malloc((size_t)ibuf);
+    oid->length = len;
+    oid->elements = malloc(len);
     if (oid->elements == 0) {
         free(oid);
         return ENOMEM;
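Review bot: `oid->length = len;` now stores a `size_t` into the `OM_uint32` length field with no cast, where the old code stored a non-negative `krb5_int32`; the only bound on `len` visible here is `remain`, itself a `size_t`, so on LP64 this is a silent narrowing that -Wconversion will flag. If k5_ser_unpack_len() decodes a 32-bit wire value (its definition and prototype are not in this diff) the narrowing is benign, but that, together with `len <= remain` on success, is the invariant every converted call site now relies on after dropping its own range check, and neither is stated anywhere in the new code. A one-line comment at this first use, `/* k5_ser_unpack_len() rejects negative lengths and len > remain. */`, or an explicit `(OM_uint32)` cast on the assignment, would make the dependency visible to the next reader. The same narrowing occurs at `name.length = namelen;` in k5_ad_internalize (authdata.c), and the same reliance on the helper's bounds check in kg_ctx_internalize, authind_internalize and greet_internalize.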
@@ -493,7 +489,7 @@ kg_ctx_internalize(krb5_context kcontext, krb5_gss_ctx_id_t *argp,
     krb5_gss_ctx_id_rec *ctx;
     krb5_int32          ibuf;
     krb5_octet          *bp;
-    size_t              remain;
+    size_t              remain, len, i;
     krb5int_access kaccess;
     krb5_principal        princ;
 
@@ -635,21 +631,14 @@ kg_ctx_internalize(krb5_context kcontext, krb5_gss_ctx_id_t *argp,
             ctx->cred_rcache = ibuf;
             /* authdata */
             if (!kret)
-                kret = krb5_ser_unpack_int32(&ibuf, &bp, &remain);
-            if (!kret && (ibuf < 0 || (size_t)ibuf > remain))
-                kret = ENOMEM;
-            if (!kret) {
-                krb5_int32 nadata = ibuf, i;
-
-                if (nadata > 0) {
-                    ctx->authdata = (krb5_authdata **)calloc((size_t)nadata + 1,
-                                                             sizeof(krb5_authdata *));
-                    if (ctx->authdata == NULL) {
-                        kret = ENOMEM;
-                    } else {
-                        for (i = 0; !kret && i < nadata; i++)
-                            kret = k5_internalize_authdata(&ctx->authdata[i],
-                                                           &bp, &remain);
+                kret = k5_ser_unpack_len(&len, &bp, &remain);
+            if (!kret && len > 0) {
+                ctx->authdata = k5calloc(len + 1, sizeof(*ctx->authdata),
+                                         &kret);
+                if (ctx->authdata != NULL) {
+                    for (i = 0; !kret && i < len; i++) {
+                        kret = k5_internalize_authdata(&ctx->authdata[i],
+                                                       &bp, &remain);
                     }
                 }
             }
index d3f671883e3a125b8bcc98e4ec582a2714df98a7..adcc780dfec61c78bea099fbdb0779b059b30c91 100644 (file)
@@ -259,19 +259,15 @@ authind_internalize(krb5_context kcontext, krb5_authdata_context context,
 {
     struct authind_context *aictx = request_context;
     krb5_error_code ret;
-    int32_t count, len, i;
     uint8_t *bp = *buffer;
-    size_t remain = *lenremain;
+    size_t remain = *lenremain, len, count, i;
     krb5_data **inds = NULL;
 
     /* Get the count. */
-    ret = krb5_ser_unpack_int32(&count, &bp, &remain);
+    ret = k5_ser_unpack_len(&count, &bp, &remain);
     if (ret)
         return ret;
 
-    if (count < 0 || (size_t)count > remain)
-        return ERANGE;
-
     if (count > 0) {
         inds = k5calloc(count + 1, sizeof(*inds), &ret);
         if (inds == NULL)
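Review bot: The declaration `size_t remain = *lenremain, len, count, i;` mixes one initialized declarator with three uninitialized ones on a single line, which reads as though all four were initialized from `*lenremain`; splitting it into `size_t remain = *lenremain;` followed by `size_t len, count, i;` keeps the rest of the function's one-initialized-declaration-per-line style. The allocation itself looks sound, assuming k5_ser_unpack_len() enforces the dropped `count > remain` check as the commit message states, since `count + 1` then cannot overflow a `size_t`. The enclosing function authind_internalize continues past this hunk.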
@@ -280,13 +276,9 @@ authind_internalize(krb5_context kcontext, krb5_authdata_context context,
 
     for (i = 0; i < count; i++) {
         /* Get the length. */
-        ret = krb5_ser_unpack_int32(&len, &bp, &remain);
+        ret = k5_ser_unpack_len(&len, &bp, &remain);
         if (ret)
             goto cleanup;
-        if (len < 0 || (size_t)len > remain) {
-            ret = ERANGE;
-            goto cleanup;
-        }
 
         /* Get the indicator. */
         inds[i] = k5alloc(sizeof(*inds[i]), &ret);
index 30c3d618dbcfa24dfc2fa2775e3c84fc84555bc4..733370cd7d46d55e5284e2b2bbda908672bc2b0d 100644 (file)
@@ -326,18 +326,13 @@ k5_ad_internalize(krb5_context kcontext,
 
     for (i = 0; i < count; i++) {
         struct _krb5_authdata_context_module *module;
-        krb5_int32 namelen;
+        size_t namelen;
         krb5_data name;
 
-        code = krb5_ser_unpack_int32(&namelen, &bp, &remain);
+        code = k5_ser_unpack_len(&namelen, &bp, &remain);
         if (code != 0)
             break;
 
-        if (remain < (size_t)namelen) {
-            code = ENOMEM;
-            break;
-        }
-
         name.length = namelen;
         name.data = (char *)bp;
 
index 23ad3f40229cdbc25b03565fb6cf8698dbcd7653..91f60a456fa8eb9aea794a6336c01d1e7dd94a31 100644 (file)
@@ -517,7 +517,11 @@ EXPORTS
        encode_krb5_pkinit_supp_pub_info                @478 ; PRIVATE
        krb5int_copy_data_contents                      @479 ; PRIVATE
        krb5_free_pa_data                               @480 ; PRIVATE
-; private symbols new in 1.23, used by klist
+
+; new in 1.23
+; private symbols used by klist
        k5_unwrap_cammac_svc                            @481 ; PRIVATE
        k5_authind_decode                               @482 ; PRIVATE
        k5_free_data_ptr_list                           @483 ; PRIVATE
+; private symbol used by GSSAPI serialization
+       k5_ser_unpack_len                               @484 ; PRIVATE
index 3d1a9570cd3edb8d44884f10a9676f63f7e814fa..778ce7c9f5463b5c4f0dc36c50072afd1ce26a46 100644 (file)
@@ -335,22 +335,19 @@ greet_internalize(krb5_context kcontext,
 {
     struct greet_context *greet = (struct greet_context *)request_context;
     krb5_error_code code;
-    krb5_int32 length;
     krb5_octet *contents = NULL;
     krb5_int32 verified;
     krb5_int32 was_absent;
     krb5_octet *bp;
-    size_t remain;
+    size_t remain, length;
 
     bp = *buffer;
     remain = *lenremain;
 
     /* Greeting Length */
-    code = krb5_ser_unpack_int32(&length, &bp, &remain);
+    code = k5_ser_unpack_len(&length, &bp, &remain);
     if (code != 0)
         return code;
-    if (length < 0 || (size_t)length > remain)
-        return ENOMEM;
 
     /* Greeting Contents */
     if (length != 0) {
@@ -358,7 +355,7 @@ greet_internalize(krb5_context kcontext,
         if (contents == NULL)
             return ENOMEM;
 
-        code = krb5_ser_unpack_bytes(contents, (size_t)length, &bp, &remain);
+        code = krb5_ser_unpack_bytes(contents, length, &bp, &remain);
         if (code != 0) {
             free(contents);
             return code;