When we passed the crytobuffer to krb5_c_decrypt() we never actually

verified that we did have enough data in the buffer/tvb, which could 
lead to a SEGV.
(for example if we enable KRB5 decryption but we do NOT use TCP 
reassembly, and the encrypted data goes beyong the end of the current 
segment)


Change the signature to decrypt_krb5_data() to take a TVB instead of a 
buffer+length.
Actually check that we do have the entire encrypted PDU before calling 
out to the kerberos libraries.



svn path=/trunk/; revision=29213

0 files changed, 0 insertions, 0 deletions