[Pkg-cracklib-commits] [pkg-cracklib] 01/06: Fix "Buffer overflow processing long words" by applying patch from https://build.opensuse.org/package/view_file/Base:System/cracklib/ 0004-overflow-processing-long-words.patch (Closes: #835386)
Jan Dittberner
jandd at moszumanska.debian.org
Thu Aug 25 15:46:45 UTC 2016
This is an automated email from the git hooks/post-receive script.
jandd pushed a commit to branch master
in repository pkg-cracklib.
commit 9a882cd117a27ab32f56bde86ee014af2a30c19f
Author: Jan Dittberner <jandd at debian.org>
Date: Thu Aug 25 17:03:51 2016 +0200
Fix "Buffer overflow processing long words" by applying patch from https://build.opensuse.org/package/view_file/Base:System/cracklib/ 0004-overflow-processing-long-words.patch (Closes: #835386)
---
debian/changelog | 8 ++++++++
.../patches/overflow-processing-long-words.patch | 22 ++++++++++++++++++++++
debian/patches/series | 1 +
3 files changed, 31 insertions(+)
diff --git a/debian/changelog b/debian/changelog
index e43344d..e5db67a 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,11 @@
+cracklib2 (2.9.2-3) UNRELEASED; urgency=medium
+
+ * Fix "Buffer overflow processing long words" by applying patch from
+ https://build.opensuse.org/package/view_file/Base:System/cracklib/
+ 0004-overflow-processing-long-words.patch (Closes: #835386)
+
+ -- Jan Dittberner <jandd at debian.org> Thu, 25 Aug 2016 17:03:01 +0200
+
cracklib2 (2.9.2-2) unstable; urgency=medium
* Fix "CVE-2016-6318: Stack-based buffer overflow when parsing large
diff --git a/debian/patches/overflow-processing-long-words.patch b/debian/patches/overflow-processing-long-words.patch
new file mode 100644
index 0000000..5d459d6
--- /dev/null
+++ b/debian/patches/overflow-processing-long-words.patch
@@ -0,0 +1,22 @@
+Description: The input word is guaranteed to be at most STRINGSIZE-1 in length.
+ One of the mangle operations involves duplicating the input word, resulting in
+ a string twice the length to be accommodated by both area variables.
+Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=835386
+Author: Howard Guo <hguo at suse.com>
+Last-Update: 2016-08-17
+
+diff -rupN 3/lib/rules.c 3-patched/lib/rules.c
+--- 3/lib/rules.c 2016-08-16 14:16:24.033261876 +0200
++++ 3-patched/lib/rules.c 2016-08-17 13:57:14.485782894 +0200
+@@ -434,9 +434,8 @@ Mangle(input, control) /* returns a poi
+ {
+ int limit;
+ register char *ptr;
+- static char area[STRINGSIZE];
+- char area2[STRINGSIZE];
+- area[0] = '\0';
++ static char area[STRINGSIZE * 2] = {0};
++ char area2[STRINGSIZE * 2] = {0};
+ strcpy(area, input);
+
+ for (ptr = control; *ptr; ptr++)
diff --git a/debian/patches/series b/debian/patches/series
index fcd2207..5f148ae 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -2,3 +2,4 @@ install-debian-python-modules.patch
libcrack2-error-safer-check-variant.patch
improve_test_737040.patch
CVE-2016-6318.patch
+overflow-processing-long-words.patch
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-cracklib/pkg-cracklib.git
More information about the Pkg-cracklib-commits
mailing list