[jackhill/guix/guix.git] / gnu / packages / patches / mcrypt-CVE-2012-4409.patch

From 4876e3a692739bb9ca00d0f500fd5f4b3eb16ce3 Mon Sep 17 00:00:00 2001
From: Tom Callaway <spot@fedoraproject.org>
Date: Fri, 7 Sep 2012 11:39:29 -0400
Subject: apply fix for CVE-2012-4409 (thanks to Raphael Geissert)

--- mcrypt-2.6.8/src/extra.c.CVE-2012-4409	2012-09-07 11:00:55.906870746 -0400
+++ mcrypt-2.6.8/src/extra.c	2012-09-07 11:00:27.967858365 -0400
@@ -242,6 +242,8 @@ int check_file_head(FILE * fstream, char
 			if (m_getbit(0, sflag) != 0) { /* if the first bit is set */
 				*salt_size = m_setbit(0, sflag, 0);
 				if (*salt_size > 0) {
+					if (*salt_size > sizeof(tmp_buf))
+						err_quit(_("Salt is too long\n"));
 					fread(tmp_buf, 1, *salt_size,
 					      fstream);
 					memmove(salt, tmp_buf, *salt_size);
 
-- 
cgit v0.12
Commit	Line	Data
fd146187 EF	1	From 4876e3a692739bb9ca00d0f500fd5f4b3eb16ce3 Mon Sep 17 00:00:00 2001
	2	From: Tom Callaway <spot@fedoraproject.org>
	3	Date: Fri, 7 Sep 2012 11:39:29 -0400
	4	Subject: apply fix for CVE-2012-4409 (thanks to Raphael Geissert)
	5
324f4fc5 LF	6	--- mcrypt-2.6.8/src/extra.c.CVE-2012-4409 2012-09-07 11:00:55.906870746 -0400
	7	+++ mcrypt-2.6.8/src/extra.c 2012-09-07 11:00:27.967858365 -0400
	8	@@ -242,6 +242,8 @@ int check_file_head(FILE * fstream, char
	9	if (m_getbit(0, sflag) != 0) { /* if the first bit is set */
	10	*salt_size = m_setbit(0, sflag, 0);
	11	if (*salt_size > 0) {
	12	+ if (*salt_size > sizeof(tmp_buf))
	13	+ err_quit(_("Salt is too long\n"));
	14	fread(tmp_buf, 1, *salt_size,
	15	fstream);
	16	memmove(salt, tmp_buf, *salt_size);
fd146187 EF	17
	18	--
	19	cgit v0.12
	20