Code Review / packages / trusty / cirros-testvm.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | inline | side by side
The cirros image was rebuilt against the 3.13.0-83 kernel, drivers e1000e, igbvf...
[packages/trusty/cirros-testvm.git] / cirros-testvm / src-cirros / buildroot-2015.05 / package / mcrypt / 0001-CVE-2012-4409.patch
diff --git a/cirros-testvm/src-cirros/buildroot-2015.05/package/mcrypt/0001-CVE-2012-4409.patch b/cirros-testvm/src-cirros/buildroot-2015.05/package/mcrypt/0001-CVE-2012-4409.patch
new file mode 100644 (file)
index 0000000..97c658b
--- /dev/null
+++ b/cirros-testvm/src-cirros/buildroot-2015.05/package/mcrypt/0001-CVE-2012-4409.patch
@@ -0,0 +1,25 @@
+From 3efb40e17ce4f76717ae17a1ce1e1f747ddf59fd Mon Sep 17 00:00:00 2001
+From: Alon Bar-Lev <alon.barlev@gmail.com>
+Date: Sat, 22 Dec 2012 22:37:06 +0200
+Subject: [PATCH] cleanup: buffer overflow
+
+---
+ src/extra.c |    2 ++
+ 1 files changed, 2 insertions(+), 0 deletions(-)
+
+diff --git a/src/extra.c b/src/extra.c
+index 3082f82..c7a1ac0 100644
+--- a/src/extra.c
++++ b/src/extra.c
+@@ -241,6 +241,8 @@ int check_file_head(FILE * fstream, char *algorithm, char *mode,
+               if (m_getbit(6, flags) == 1) { /* if the salt bit is set */
+                       if (m_getbit(0, sflag) != 0) { /* if the first bit is set */
+                               *salt_size = m_setbit(0, sflag, 0);
++                              if (*salt_size > sizeof(tmp_buf))
++                                      err_quit(_("Salt is too long\n"));
+                               if (*salt_size > 0) {
+                                       fread(tmp_buf, 1, *salt_size,
+                                             fstream);
+-- 
+1.7.8.6
+