summaryrefslogtreecommitdiffstats
path: root/net/sunrpc/auth_gss
diff options
context:
space:
mode:
authorJ. Bruce Fields <bfields@fieldses.org>2006-12-05 02:22:41 +0100
committerTrond Myklebust <Trond.Myklebust@netapp.com>2006-12-06 16:46:47 +0100
commit717757ad1038ab6aacb89bad579c89b006efd913 (patch)
tree19b93c59420a5195d36c333845af9fde4b2b5c7c /net/sunrpc/auth_gss
parentrpcgss: krb5: sanity check sealalg value in the downcall (diff)
downloadlinux-717757ad1038ab6aacb89bad579c89b006efd913.tar.xz
linux-717757ad1038ab6aacb89bad579c89b006efd913.zip
rpcgss: krb5: ignore seed
We're currently not actually using seed or seed_init. Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu> Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
Diffstat (limited to 'net/sunrpc/auth_gss')
-rw-r--r--net/sunrpc/auth_gss/gss_krb5_mech.c11
1 files changed, 6 insertions, 5 deletions
diff --git a/net/sunrpc/auth_gss/gss_krb5_mech.c b/net/sunrpc/auth_gss/gss_krb5_mech.c
index bf5435db8785..05d4bee86fc0 100644
--- a/net/sunrpc/auth_gss/gss_krb5_mech.c
+++ b/net/sunrpc/auth_gss/gss_krb5_mech.c
@@ -137,12 +137,13 @@ gss_import_sec_context_kerberos(const void *p,
p = simple_get_bytes(p, end, &ctx->initiate, sizeof(ctx->initiate));
if (IS_ERR(p))
goto out_err_free_ctx;
- p = simple_get_bytes(p, end, &ctx->seed_init, sizeof(ctx->seed_init));
- if (IS_ERR(p))
- goto out_err_free_ctx;
- p = simple_get_bytes(p, end, ctx->seed, sizeof(ctx->seed));
- if (IS_ERR(p))
+ /* The downcall format was designed before we completely understood
+ * the uses of the context fields; so it includes some stuff we
+ * just give some minimal sanity-checking, and some we ignore
+ * completely (like the next twenty bytes): */
+ if (unlikely(p + 20 > end || p + 20 < p))
goto out_err_free_ctx;
+ p += 20;
p = simple_get_bytes(p, end, &tmp, sizeof(tmp));
if (IS_ERR(p))
goto out_err_free_ctx;