Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-15-SP1:GA
pam_radius.19845
pam_radius-bufferoverflow-CVE-2015-9542-fix.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File pam_radius-bufferoverflow-CVE-2015-9542-fix.patch of Package pam_radius.19845
Index: pam_radius-1.4.0/src/pam_radius_auth.c =================================================================== --- pam_radius-1.4.0.orig/src/pam_radius_auth.c +++ pam_radius-1.4.0/src/pam_radius_auth.c @@ -528,6 +528,9 @@ static void add_password(AUTH_HDR *reque length = MAXPASS; } + memset(hashed + length, 0, sizeof(hashed) - length); + memcpy(hashed, password, length); + if (length == 0) { length = AUTH_PASS_LEN; /* 0 maps to 16 */ } if ((length & (AUTH_PASS_LEN - 1)) != 0) { @@ -535,9 +538,6 @@ static void add_password(AUTH_HDR *reque length &= ~(AUTH_PASS_LEN - 1); /* chop it off */ } /* 16*N maps to itself */ - memset(hashed, 0, length); - memcpy(hashed, password, strlen(password)); - attr = find_attribute(request, PW_PASSWORD); if (type == PW_PASSWORD) {
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor