The Samba-Bugzilla – Attachment 14081 Details for
Bug 13352
gnutls_aead_cipher_encrypt used for encrypted secrets can fail with short buffer
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Backport for 4.8
0001-Fix-invocation-of-gnutls_aead_cipher_encrypt.patch (text/plain), 1.79 KB, created by
Garming Sam
on 2018-03-25 20:59:11 UTC
(
hide
)
Description:
Backport for 4.8
Filename:
MIME Type:
Creator:
Garming Sam
Created:
2018-03-25 20:59:11 UTC
Size:
1.79 KB
patch
obsolete
>From 5b3482cbcdb33f7aa16bddc2d23294f526ce3f1a Mon Sep 17 00:00:00 2001 >From: "Timur I. Bakeyev" <timur@iXsystems.com> >Date: Thu, 22 Mar 2018 05:47:58 +0100 >Subject: [PATCH] Fix invocation of gnutls_aead_cipher_encrypt() > >Which was failing with GNUTLS_E_SHORT_MEMORY_BUFFER - The given memory >buffer is too short to hold parameters. > >BUG: https://bugzilla.samba.org/show_bug.cgi?id=13352 > >Signed-off-by: Timur I. Bakeyev <timur@iXsystems.com> >Reviewed-by: Garming Sam <garming@catalyst.net.nz> >Reviewed-by: Gary Lockyer <gary@catalyst.net.nz> > >Autobuild-User(master): Garming Sam <garming@samba.org> >Autobuild-Date(master): Fri Mar 23 07:25:30 CET 2018 on sn-devel-144 > >(cherry picked from commit b9f0c7f93c058685e24d104432978bd40b94b49f) >--- > source4/dsdb/samdb/ldb_modules/encrypted_secrets.c | 6 +++--- > 1 file changed, 3 insertions(+), 3 deletions(-) > >diff --git a/source4/dsdb/samdb/ldb_modules/encrypted_secrets.c b/source4/dsdb/samdb/ldb_modules/encrypted_secrets.c >index 34c44c7..87ec9e4 100644 >--- a/source4/dsdb/samdb/ldb_modules/encrypted_secrets.c >+++ b/source4/dsdb/samdb/ldb_modules/encrypted_secrets.c >@@ -750,16 +750,16 @@ static struct ldb_val gnutls_encrypt_aead(int *err, > * Encrypt the value. > */ > { >- size_t el; >- const unsigned block_size = gnutls_cipher_get_tag_size( >+ const unsigned block_size = gnutls_cipher_get_block_size( > data->encryption_algorithm); >- const unsigned tag_size = gnutls_cipher_get_block_size( >+ const unsigned tag_size = gnutls_cipher_get_tag_size( > data->encryption_algorithm); > const size_t ed_size = round_to_block_size( > block_size, > sizeof(struct PlaintextSecret) + val.length); > const size_t en_size = ed_size + tag_size; > uint8_t *ct = talloc_zero_size(frame, en_size); >+ size_t el = en_size; > > if (ct == NULL) { > ldb_set_errstring(ldb, >-- >1.9.1 >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=14081">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Flags:
garming
:
review?
(
abartlet
)
gary
:
review+
Actions:
View
Attachments on
bug 13352
:
14075
| 14081