summaryrefslogtreecommitdiff
path: root/libraries/libpwquality/Fix_possible_stack_overflow.patch
diff options
context:
space:
mode:
Diffstat (limited to 'libraries/libpwquality/Fix_possible_stack_overflow.patch')
-rw-r--r--libraries/libpwquality/Fix_possible_stack_overflow.patch21
1 files changed, 21 insertions, 0 deletions
diff --git a/libraries/libpwquality/Fix_possible_stack_overflow.patch b/libraries/libpwquality/Fix_possible_stack_overflow.patch
new file mode 100644
index 0000000000..8cc9ec6b39
--- /dev/null
+++ b/libraries/libpwquality/Fix_possible_stack_overflow.patch
@@ -0,0 +1,21 @@
+
+# HG changeset patch
+# User Tomas Mraz <tmraz@redhat.com>
+# Date 1440426008 -7200
+# Node ID a4696cd7cd246f6c34a2d2f1d54d569c5e7ecd84
+# Parent bb4952bec17e830c751d99a85ae1de32e22cf659
+Fix possible stack overflow in pwquality_generate() with data from /dev/urandom.
+
+diff -r bb4952bec17e -r a4696cd7cd24 src/generate.c
+--- a/src/generate.c Thu Jul 23 14:11:30 2015 +0200
++++ b/src/generate.c Mon Aug 24 16:20:08 2015 +0200
+@@ -100,7 +100,7 @@
+ int
+ pwquality_generate(pwquality_settings_t *pwq, int entropy_bits, char **password)
+ {
+- char entropy[PWQ_MAX_ENTROPY_BITS/8 + 1];
++ char entropy[(PWQ_MAX_ENTROPY_BITS+PWQ_MAX_ENTROPY_BITS/9)/8 + 2];
+ char *tmp;
+ int maxlen;
+ int try = 0;
+
generated by cgit v1.2.3 (git 2.26.2) at 2024-12-12 05:06:47 +0000