Index: kadmin/version4.c
===================================================================
RCS file: /src/packages/kth-krb/SourceRepository/heimdal/kadmin/version4.c,v
retrieving revision 1.24
diff -u -w -r1.24 version4.c
--- kadmin/version4.c	2001/01/29 08:40:45	1.24
+++ kadmin/version4.c	2002/10/21 18:32:53
@@ -822,6 +822,13 @@
     off += _krb5_get_int(msg + off, &rlen, 4);
     memset(&authent, 0, sizeof(authent));
     authent.length = message.length - rlen - KADM_VERSIZE - 4;
+
+    if(authent.length >= MAX_KTXT_LEN) {
+	krb5_warnx(context, "received bad rlen (%lu)", (unsigned long)rlen);
+	make_you_loose_packet (KADM_LENGTH_ERROR, reply);
+	return;
+    }
+
     memcpy(authent.dat, (char*)msg + off, authent.length);
     off += authent.length;