Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP2:GA
pam_radius.14767
pam_radius-bufferoverflow-CVE-2015-9542-fix.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File pam_radius-bufferoverflow-CVE-2015-9542-fix.patch of Package pam_radius.14767
Index: pam_radius-1.3.16/pam_radius_auth.c =================================================================== --- pam_radius-1.3.16.orig/pam_radius_auth.c +++ pam_radius-1.3.16/pam_radius_auth.c @@ -506,6 +506,9 @@ add_password(AUTH_HDR *request, unsigned length = MAXPASS; } + memset(hashed + length, 0, sizeof(hashed) - length); + memcpy(hashed, password, length); + if (length == 0) { length = AUTH_PASS_LEN; /* 0 maps to 16 */ } if ((length & (AUTH_PASS_LEN - 1)) != 0) { @@ -513,9 +516,6 @@ add_password(AUTH_HDR *request, unsigned length &= ~(AUTH_PASS_LEN - 1); /* chop it off */ } /* 16*N maps to itself */ - memset(hashed, 0, length); - memcpy(hashed, password, strlen(password)); - attr = find_attribute(request, PW_PASSWORD); if (type == PW_PASSWORD) {
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor