From 241e29bdfd6af58101d51d437d0c35a38906cc31 Mon Sep 17 00:00:00 2001
From: Samuel Just <samuel.just@dreamhost.com>
Date: Fri, 18 Mar 2011 17:40:41 -0700
Subject: [PATCH] CephxProtocol.cc: invalid authorizer data should not crash
 the osd

Signed-off-by: Samuel Just <samuel.just@dreamhost.com>
---
 src/auth/cephx/CephxProtocol.cc | 19 ++++++++++++-------
 1 file changed, 12 insertions(+), 7 deletions(-)

diff --git a/src/auth/cephx/CephxProtocol.cc b/src/auth/cephx/CephxProtocol.cc
index 03d7a821bf8a3..c0b2cb9ece32b 100644
--- a/src/auth/cephx/CephxProtocol.cc
+++ b/src/auth/cephx/CephxProtocol.cc
@@ -16,6 +16,7 @@
 #include "common/Clock.h"
 #include "common/config.h"
 #include "common/debug.h"
+#include "include/buffer.h"
 
 #define DOUT_SUBSYS auth
 #undef dout_prefix
@@ -368,18 +369,22 @@ bool cephx_verify_authorizer(KeyStore *keys,
 			     CephXServiceTicketInfo& ticket_info, bufferlist& reply_bl)
 {
   __u8 authorizer_v;
-  ::decode(authorizer_v, indata);
-
   uint32_t service_id;
   uint64_t global_id;
   CryptoKey service_secret;
-
-  ::decode(global_id, indata);
-  ::decode(service_id, indata);
-
   // ticket blob
   CephXTicketBlob ticket;
-  ::decode(ticket, indata);
+
+
+  try {
+    ::decode(authorizer_v, indata);
+    ::decode(global_id, indata);
+    ::decode(service_id, indata);
+    ::decode(ticket, indata);
+  } catch (buffer::end_of_buffer e) {
+    // Unable to decode!
+    return false;
+  }
   dout(10) << "verify_authorizer decrypted service " << ceph_entity_type_name(service_id)
 	   << " secret_id=" << ticket.secret_id << dendl;
 
-- 
2.39.5