aboutsummaryrefslogtreecommitdiff
path: root/gnu/packages/patches/cracklib-CVE-2016-6318.patch
diff options
context:
space:
mode:
Diffstat (limited to 'gnu/packages/patches/cracklib-CVE-2016-6318.patch')
-rw-r--r--gnu/packages/patches/cracklib-CVE-2016-6318.patch95
1 files changed, 0 insertions, 95 deletions
diff --git a/gnu/packages/patches/cracklib-CVE-2016-6318.patch b/gnu/packages/patches/cracklib-CVE-2016-6318.patch
deleted file mode 100644
index 4806ecaae9..0000000000
--- a/gnu/packages/patches/cracklib-CVE-2016-6318.patch
+++ /dev/null
@@ -1,95 +0,0 @@
-Fix CVE-2016-6318.
-
-https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6318
-
-Patch copied from Red Hat:
-
-https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-6318
-https://bugzilla.redhat.com/attachment.cgi?id=1188599&action=diff
-
-It is not safe to pass words longer than STRINGSIZE further to cracklib
-so the longbuffer cannot be longer than STRINGSIZE.
-diff -up cracklib-2.9.0/lib/fascist.c.longgecos cracklib-2.9.0/lib/fascist.c
---- cracklib-2.9.0/lib/fascist.c.longgecos 2014-02-06 16:03:59.000000000 +0100
-+++ cracklib-2.9.0/lib/fascist.c 2016-08-08 12:05:40.279235815 +0200
-@@ -515,7 +515,7 @@ FascistGecosUser(char *password, const c
- char gbuffer[STRINGSIZE];
- char tbuffer[STRINGSIZE];
- char *uwords[STRINGSIZE];
-- char longbuffer[STRINGSIZE * 2];
-+ char longbuffer[STRINGSIZE];
-
- if (gecos == NULL)
- gecos = "";
-@@ -596,38 +596,47 @@ FascistGecosUser(char *password, const c
- {
- for (i = 0; i < j; i++)
- {
-- strcpy(longbuffer, uwords[i]);
-- strcat(longbuffer, uwords[j]);
--
-- if (GTry(longbuffer, password))
-+ if (strlen(uwords[i]) + strlen(uwords[j]) < STRINGSIZE)
- {
-- return _("it is derived from your password entry");
-- }
--
-- strcpy(longbuffer, uwords[j]);
-- strcat(longbuffer, uwords[i]);
-+ strcpy(longbuffer, uwords[i]);
-+ strcat(longbuffer, uwords[j]);
-
-- if (GTry(longbuffer, password))
-- {
-- return _("it's derived from your password entry");
-+ if (GTry(longbuffer, password))
-+ {
-+ return _("it is derived from your password entry");
-+ }
-+
-+ strcpy(longbuffer, uwords[j]);
-+ strcat(longbuffer, uwords[i]);
-+
-+ if (GTry(longbuffer, password))
-+ {
-+ return _("it's derived from your password entry");
-+ }
- }
-
-- longbuffer[0] = uwords[i][0];
-- longbuffer[1] = '\0';
-- strcat(longbuffer, uwords[j]);
--
-- if (GTry(longbuffer, password))
-+ if (strlen(uwords[j]) < STRINGSIZE - 1)
- {
-- return _("it is derivable from your password entry");
-+ longbuffer[0] = uwords[i][0];
-+ longbuffer[1] = '\0';
-+ strcat(longbuffer, uwords[j]);
-+
-+ if (GTry(longbuffer, password))
-+ {
-+ return _("it is derivable from your password entry");
-+ }
- }
-
-- longbuffer[0] = uwords[j][0];
-- longbuffer[1] = '\0';
-- strcat(longbuffer, uwords[i]);
--
-- if (GTry(longbuffer, password))
-+ if (strlen(uwords[i]) < STRINGSIZE - 1)
- {
-- return _("it's derivable from your password entry");
-+ longbuffer[0] = uwords[j][0];
-+ longbuffer[1] = '\0';
-+ strcat(longbuffer, uwords[i]);
-+
-+ if (GTry(longbuffer, password))
-+ {
-+ return _("it's derivable from your password entry");
-+ }
- }
- }
- }