efivar: bump to version 30
[buildroot-gz.git] / package / mcrypt / 0001-CVE-2012-4409.patch
blob97c658bb2d3b94ae2d874da362f570580976a143
1 From 3efb40e17ce4f76717ae17a1ce1e1f747ddf59fd Mon Sep 17 00:00:00 2001
2 From: Alon Bar-Lev <alon.barlev@gmail.com>
3 Date: Sat, 22 Dec 2012 22:37:06 +0200
4 Subject: [PATCH] cleanup: buffer overflow
6 ---
7 src/extra.c | 2 ++
8 1 files changed, 2 insertions(+), 0 deletions(-)
10 diff --git a/src/extra.c b/src/extra.c
11 index 3082f82..c7a1ac0 100644
12 --- a/src/extra.c
13 +++ b/src/extra.c
14 @@ -241,6 +241,8 @@ int check_file_head(FILE * fstream, char *algorithm, char *mode,
15 if (m_getbit(6, flags) == 1) { /* if the salt bit is set */
16 if (m_getbit(0, sflag) != 0) { /* if the first bit is set */
17 *salt_size = m_setbit(0, sflag, 0);
18 + if (*salt_size > sizeof(tmp_buf))
19 + err_quit(_("Salt is too long\n"));
20 if (*salt_size > 0) {
21 fread(tmp_buf, 1, *salt_size,
22 fstream);
23 --
24 1.7.8.6