$NetBSD: patch-bw,v 1.1 2010/02/24 19:07:51 tez Exp $

--- lib/crypto/old/old_decrypt.c.orig	2003-07-22 14:09:31.000000000 -0500
+++ lib/crypto/old/old_decrypt.c	2010-02-23 17:43:53.702276900 -0600
@@ -45,8 +45,10 @@
     blocksize = enc->block_size;
     hashsize = hash->hashsize;
 
+    /* Verify input and output lengths. */
+    if (input->length < blocksize + hashsize || input->length % blocksize != 0)
+	return(KRB5_BAD_MSIZE);
     plainsize = input->length - blocksize - hashsize;
-
     if (arg_output->length < plainsize)
 	return(KRB5_BAD_MSIZE);
 
