From: | Ðавел ÐÑайнов <kraynopp@gmail.com> |
Date: | Thu, 12 Oct 2017 21:00:17 +0300 |
Subject: | Bug in PKINIT |
To: | krb5-bugs@mit.edu |
Hi,
In file \src\plugins\preauth\pkinit\pkinit_crypto_openssl.h I have found constant:
#define DN_BUF_LEN 256
So, the size of DN is limited by 256 bytes. It is very small and can be easily overflowed, especially if DN contains utf8-encoded CN/O/OU.
In this case PKINIT failed with error 'stack smashing detected'.
Please, consider to increase DN_BUF_LEN or use dynamic memory allocation for DN buffer.
In file \src\plugins\preauth\pkinit\pkinit_crypto_openssl.h I have found constant:
#define DN_BUF_LEN 256
So, the size of DN is limited by 256 bytes. It is very small and can be easily overflowed, especially if DN contains utf8-encoded CN/O/OU.
In this case PKINIT failed with error 'stack smashing detected'.
Please, consider to increase DN_BUF_LEN or use dynamic memory allocation for DN buffer.