| blob | c44e33dad7b7fea1e392f205c53aca1225a0abd8 |
1 # Prevent gdbm from storing uninitialized memory content
2 # to database files. This patch improves security, as the
3 # uninitialized memory might contain sensitive informations
4 # from other applications.
5 # https://bugzilla.redhat.com/show_bug.cgi?id=4457
6 # http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=208927
8 --- src/falloc.c.orig 2017-03-14 07:13:25.976990206 +0000
9 +++ src/falloc.c 2017-03-14 07:17:27.833002683 +0000
10 @@ -278,7 +278,7 @@
12 /* Split the header block. */
13 temp = GDBM_DEBUG_ALLOC ("push_avail_block:malloc-failure",
14 - malloc (av_size));
15 + calloc (1, av_size));
16 if (temp == NULL)
17 {
18 GDBM_SET_ERRNO (dbf, GDBM_MALLOC_ERROR, TRUE);
19 --- src/gdbmopen.c.orig 2017-03-14 07:23:52.954022551 +0000
20 +++ src/gdbmopen.c 2017-03-14 07:26:31.950030754 +0000
21 @@ -529,7 +529,7 @@
22 {
23 (dbf->bucket_cache[index]).ca_bucket =
24 GDBM_DEBUG_ALLOC ("_gdbm_init_cache:bucket-malloc-failure",
25 - malloc (dbf->header->bucket_size));
26 + calloc (1, dbf->header->bucket_size));
27 if ((dbf->bucket_cache[index]).ca_bucket == NULL)
28 {
29 GDBM_SET_ERRNO (dbf, GDBM_MALLOC_ERROR, TRUE);