The Samba-Bugzilla – Attachment 14075 Details for
Bug 13352
gnutls_aead_cipher_encrypt used for encrypted secrets can fail with short buffer
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Pass allocated buffer size as the last parameter to the gnutls_aead_cipher_encrypt()
0001-Fix-invocation-of-gnutls_aead_cipher_encrypt.patch (text/plain), 1.46 KB, created by
Timur Bakeyev
on 2018-03-22 21:36:43 UTC
(
hide
)
Description:
Pass allocated buffer size as the last parameter to the gnutls_aead_cipher_encrypt()
Filename:
MIME Type:
Creator:
Timur Bakeyev
Created:
2018-03-22 21:36:43 UTC
Size:
1.46 KB
patch
obsolete
>From 2d4e1c612458e853f95d93ac433cfda87cadf0d2 Mon Sep 17 00:00:00 2001 >From: "Timur I. Bakeyev" <timur@iXsystems.com> >Date: Thu, 22 Mar 2018 05:47:58 +0100 >Subject: [PATCH] Fix invocation of gnutls_aead_cipher_encrypt() > >Which was failing with GNUTLS_E_SHORT_MEMORY_BUFFER - The given memory >buffer is too short to hold parameters. > >Signed-off-by: Timur I. Bakeyev <timur@iXsystems.com> >--- > source4/dsdb/samdb/ldb_modules/encrypted_secrets.c | 6 +++--- > 1 file changed, 3 insertions(+), 3 deletions(-) > >diff --git a/source4/dsdb/samdb/ldb_modules/encrypted_secrets.c b/source4/dsdb/samdb/ldb_modules/encrypted_secrets.c >index 226f62f641e..ee720331789 100644 >--- a/source4/dsdb/samdb/ldb_modules/encrypted_secrets.c >+++ b/source4/dsdb/samdb/ldb_modules/encrypted_secrets.c >@@ -848,16 +848,16 @@ static struct ldb_val gnutls_encrypt_aead(int *err, > * Encrypt the value. > */ > { >- size_t el; >- const unsigned block_size = gnutls_cipher_get_tag_size( >+ const unsigned block_size = gnutls_cipher_get_block_size( > data->encryption_algorithm); >- const unsigned tag_size = gnutls_cipher_get_block_size( >+ const unsigned tag_size = gnutls_cipher_get_tag_size( > data->encryption_algorithm); > const size_t ed_size = round_to_block_size( > block_size, > sizeof(struct PlaintextSecret) + val.length); > const size_t en_size = ed_size + tag_size; > uint8_t *ct = talloc_zero_size(frame, en_size); >+ size_t el = en_size; > > if (ct == NULL) { > ldb_set_errstring(ldb, >-- >2.14.2 >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=14075">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 13352
: 14075 |
14081