mirror of
https://github.com/samba-team/samba.git
synced 2024-12-22 13:34:15 +03:00
CVE-2022-3437 third_party/heimdal: Use constant-time memcmp() in unwrap_des3()
The surrounding checks all use ct_memcmp(), so this one was presumably meant to as well. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15134 Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This commit is contained in:
parent
e3c314ed69
commit
9ca9408c5e
2
third_party/heimdal/lib/gssapi/krb5/unwrap.c
vendored
2
third_party/heimdal/lib/gssapi/krb5/unwrap.c
vendored
@ -230,7 +230,7 @@ unwrap_des3
|
||||
if (ret)
|
||||
return ret;
|
||||
|
||||
if (memcmp (p, "\x04\x00", 2) != 0) /* HMAC SHA1 DES3_KD */
|
||||
if (ct_memcmp (p, "\x04\x00", 2) != 0) /* HMAC SHA1 DES3_KD */
|
||||
return GSS_S_BAD_SIG;
|
||||
p += 2;
|
||||
if (ct_memcmp (p, "\x02\x00", 2) == 0) {
|
||||
|
Loading…
Reference in New Issue
Block a user