blob: 8cc9ec6b3930963f38a8098f8f1c8870dc5f8837 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
|
# HG changeset patch
# User Tomas Mraz <tmraz@redhat.com>
# Date 1440426008 -7200
# Node ID a4696cd7cd246f6c34a2d2f1d54d569c5e7ecd84
# Parent bb4952bec17e830c751d99a85ae1de32e22cf659
Fix possible stack overflow in pwquality_generate() with data from /dev/urandom.
diff -r bb4952bec17e -r a4696cd7cd24 src/generate.c
--- a/src/generate.c Thu Jul 23 14:11:30 2015 +0200
+++ b/src/generate.c Mon Aug 24 16:20:08 2015 +0200
@@ -100,7 +100,7 @@
int
pwquality_generate(pwquality_settings_t *pwq, int entropy_bits, char **password)
{
- char entropy[PWQ_MAX_ENTROPY_BITS/8 + 1];
+ char entropy[(PWQ_MAX_ENTROPY_BITS+PWQ_MAX_ENTROPY_BITS/9)/8 + 2];
char *tmp;
int maxlen;
int try = 0;
|