0014-Upstream-fix-for-heap-overflow.patch (1094B)
- From d97748a061a3beb8bdf4d5d0a2458086951960ff Mon Sep 17 00:00:00 2001
- From: Petr Stodulka <pstodulk@redhat.com>
- Date: Mon, 14 Sep 2015 18:23:17 +0200
- Subject: [PATCH] Upstream fix for heap overflow
- ---
- crypt.c | 12 +++++++++++-
- 1 file changed, 11 insertions(+), 1 deletion(-)
- diff --git a/crypt.c b/crypt.c
- index 784e411..a8975f2 100644
- --- a/crypt.c
- +++ b/crypt.c
- @@ -465,7 +465,17 @@ int decrypt(__G__ passwrd)
- GLOBAL(pInfo->encrypted) = FALSE;
- defer_leftover_input(__G);
- for (n = 0; n < RAND_HEAD_LEN; n++) {
- - b = NEXTBYTE;
- + /* 2012-11-23 SMS. (OUSPG report.)
- + * Quit early if compressed size < HEAD_LEN. The resulting
- + * error message ("unable to get password") could be improved,
- + * but it's better than trying to read nonexistent data, and
- + * then continuing with a negative G.csize. (See
- + * fileio.c:readbyte()).
- + */
- + if ((b = NEXTBYTE) == (ush)EOF)
- + {
- + return PK_ERR;
- + }
- h[n] = (uch)b;
- Trace((stdout, " (%02x)", h[n]));
- }
- --
- 2.20.1