Hi all.
Patching a 4.7 box from the errata patch and noticed this:
+
+ if (len < checksum_sz + et->confoundersize) {
+ krb5_set_error_string(context, "Encrypted data shorter then "
+ "checksum + confunder");
+ return KRB5_BAD_MSIZE;
+ }
+
That "then" should be "than" shouldn't it?
"Encrypted data shorter THAN x"?
And as I read this email again - it should be confounder not confunder in the
message string?
The member name is confounder not confunder?
(Looks like both need to be fixed in three places.)
Looks like still in 4.8 and beyond (if I am looking in the right place.)
http://www.openbsd.org/cgi-bin/cvsweb/src/kerberosV/src/lib/krb5/crypto.c?rev
=1.10.12.1;content-type=text%2Fplain
And wrong in the comments ...
/*
* In the framework of kerberos, the length can never be shorter
* then at least one blocksize.
*/
Then should be than.
And the nits are in the code:
if (len < checksum_sz + et->confoundersize) {
krb5_set_error_string(context, "Encrypted data shorter then "
"checksum + confunder");
return KRB5_BAD_MSIZE;
}
Thanks.
