diff options
| author | Cy Schubert <cy@FreeBSD.org> | 2023-01-06 20:48:22 +0000 |
|---|---|---|
| committer | Cy Schubert <cy@FreeBSD.org> | 2023-01-06 20:48:22 +0000 |
| commit | 6f4e10db3298f6d65e1e646fe52aaafc3682b788 (patch) | |
| tree | 0a8de0ec1173c00886bcde1c3b18e0963e5f2b83 /lib/gssapi/krb5/init_sec_context.c | |
| parent | d5d1e8b157da7410fe13e6302f8e1bee81320bb5 (diff) | |
Diffstat (limited to 'lib/gssapi/krb5/init_sec_context.c')
| -rw-r--r-- | lib/gssapi/krb5/init_sec_context.c | 16 |
1 files changed, 14 insertions, 2 deletions
diff --git a/lib/gssapi/krb5/init_sec_context.c b/lib/gssapi/krb5/init_sec_context.c index 4ef5c9c7123a..21ac554efd4f 100644 --- a/lib/gssapi/krb5/init_sec_context.c +++ b/lib/gssapi/krb5/init_sec_context.c @@ -600,7 +600,19 @@ init_auth_restart if (ret == 0) { if (timedata.length == 4) { const u_char *p = timedata.data; - offset = (p[0] <<24) | (p[1] << 16) | (p[2] << 8) | (p[3] << 0); + if (p[0] < 128) { + offset = (p[0] <<24) | (p[1] << 16) | (p[2] << 8) | (p[3] << 0); + } else { + /* + * (p[0] << 24), if p[0] > 127 -> offset is negative, but *p is + * positive, so this is overflow -- overflow we want, but UBSAN + * flags it. + * + * NOTE: We assume the platform is a twos-complement platform. + */ + offset = INT32_MIN; + offset |= ((p[0] & 0x7f) <<24) | (p[1] << 16) | (p[2] << 8) | (p[3] << 0); + } } krb5_data_free(&timedata); } @@ -921,7 +933,7 @@ OM_uint32 GSSAPI_CALLCONV _gsskrb5_init_sec_context time_rec); if (ret != GSS_S_COMPLETE) break; - /* FALL THOUGH */ + /* FALLTHROUGH */ case INITIATOR_RESTART: ret = init_auth_restart(minor_status, cred, |