xref: /freebsd/crypto/krb5/src/tests/t_cve-2012-1014.py (revision 7f2fe78b9dd5f51c821d771b63d2e096f6fd49e9) 
1import base64
2import socket
3from k5test import *
4
5realm = K5Realm()
6
7# CVE-2012-1014 KDC dereferences uninitialized pointer
8
9# Affects only krb5-1.10.x.
10
11s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
12a = (hostname, realm.portbase)
13
14x1 = base64.b16decode('6A5E305BA103020105A2030201')
15x2 = base64.b16decode('A44F304DA007030500FEDCBA90A10E30' +
16                      '0CA003020101A10530031B0141A2031B' +
17                      '0141A30E300CA003020101A10530031B' +
18                      '0141A511180F31393934303631303036' +
19                      '303331375AA70302012AA80530030201' +
20                      '01')
21
22for x in range(11, 128):
23    s.sendto(x1 + bytes([x]) + x2, a)
24
25# Make sure kinit still works.
26
27realm.kinit(realm.user_princ, password('user'))
28
29success('CVE-2012-1014 regression test')
30