diff options
author | Jakob Gillich <jakob@gillich.me> | 2016-01-07 05:19:06 +0100 |
---|---|---|
committer | Vladimír Čunát <vcunat@gmail.com> | 2016-01-07 10:10:30 +0100 |
commit | 4f4eebbded6b18d3e308c6e03943355a6622b489 (patch) | |
tree | c8d3d6a8f5061442f463abd284b3b45145c1e17d /pkgs/tools/misc/mcrypt/segv.patch | |
parent | 9265d097d51abed8fe9be479f75ec10e5352d0d9 (diff) | |
download | nixpkgs-4f4eebbded6b18d3e308c6e03943355a6622b489.tar nixpkgs-4f4eebbded6b18d3e308c6e03943355a6622b489.tar.gz nixpkgs-4f4eebbded6b18d3e308c6e03943355a6622b489.tar.bz2 nixpkgs-4f4eebbded6b18d3e308c6e03943355a6622b489.tar.lz nixpkgs-4f4eebbded6b18d3e308c6e03943355a6622b489.tar.xz nixpkgs-4f4eebbded6b18d3e308c6e03943355a6622b489.tar.zst nixpkgs-4f4eebbded6b18d3e308c6e03943355a6622b489.zip |
mcrypt: fix several security issues (close #12194)
CVE-2012-4409, CVE-2012-4426, CVE-2012-4527 Patches taken from https://gitweb.gentoo.org/repo/gentoo.git/tree/app-crypt/mcrypt/files
Diffstat (limited to 'pkgs/tools/misc/mcrypt/segv.patch')
-rw-r--r-- | pkgs/tools/misc/mcrypt/segv.patch | 39 |
1 files changed, 39 insertions, 0 deletions
diff --git a/pkgs/tools/misc/mcrypt/segv.patch b/pkgs/tools/misc/mcrypt/segv.patch new file mode 100644 index 00000000000..6796163418f --- /dev/null +++ b/pkgs/tools/misc/mcrypt/segv.patch @@ -0,0 +1,39 @@ +From 5bee29fae8f0e936ad4c957aef6035d09532a57a Mon Sep 17 00:00:00 2001 +From: Alon Bar-Lev <alon.barlev@gmail.com> +Date: Sat, 22 Dec 2012 22:04:27 +0200 +Subject: [PATCH] cleanup: fixup segv on buffer access + +use exact buffer size instead of guess. + +do not copy out of source buffer. + +Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com> +--- + mcrypt-2.6.8/src/rfc2440.c | 5 +++-- + 1 files changed, 3 insertions(+), 2 deletions(-) + +diff --git a/mcrypt-2.6.8/src/rfc2440.c b/mcrypt-2.6.8/src/rfc2440.c +index 5a1f296..929b9ab 100644 +--- a/src/rfc2440.c ++++ b/src/rfc2440.c +@@ -497,7 +497,7 @@ plaintext_encode(const USTRING dat) + time_t t; + + assert(dat->len > 0); +- result = make_ustring( NULL, 2 * dat->len); /* xxx */ ++ result = make_ustring( NULL, dat->len + 12); /* xxx */ + newdat = (USTRING)dat; + result->d[pos++] = (0x80 | 0x40 | PKT_PLAINTEXT); + +@@ -810,7 +810,8 @@ encrypted_encode(const USTRING pt, const DEK *dek) + _mcrypt_encrypt(dek->hd, rndpref, dek->blocklen + 2, NULL, 0); + _mcrypt_sync(dek->hd, rndpref, dek->blocklen); + +- ct = make_ustring( rndpref, 2 * pt->len); /* xxx */ ++ ct = make_ustring( NULL, dek->blocklen + 2 + pt->len + 12); /* xxx */ ++ memcpy(ct->d, rndpref, dek->blocklen + 2); + pos = dek->blocklen + 2; + + _mcrypt_encrypt(dek->hd, ct->d + pos, pt->len, pt->d, pt->len); +-- +1.7.8.6 |