X-Git-Url: https://git.openafs.org/?p=openafs.git;a=blobdiff_plain;f=src%2Fauth%2Fktc_nt.c;h=af070fa0b525b01a9e2b1c53c564721995b12fa1;hp=67834d5b76686072ea02b83239921d5a452cf0c4;hb=4c6238b3d9a18bc5ac0bb0ebde1dc2d47f7cdb22;hpb=8939c5189d4ef626de580dd4790499ceaa56b2b4

diff --git a/src/auth/ktc_nt.c b/src/auth/ktc_nt.c
index 67834d5..af070fa 100644
--- a/src/auth/ktc_nt.c
+++ b/src/auth/ktc_nt.c
@@ -538,8 +538,12 @@ ktc_GetToken(struct ktc_principal *server, struct ktc_token *token,
 
     /* user name is here */
 
-    /* check that ticket will fit */
-    if (MAXKTCTICKETLEN < ticketLen)
+    /* check that ticket will fit 
+	 * this compares the size of the ktc_token allocated by the app
+	 * which might be smaller than the current definition of MAXKTCTICKETLEN
+	 */
+	maxLen = tokenLen - sizeof(struct ktc_token) + MAXKTCTICKETLEN;
+	if (maxLen < ticketLen)
 		return KTC_TOOBIG;
 
     /* set return values */