buildroot

From 33d7fa4585247cd2247a1ffa032ad245836c6edb Mon Sep 17 00:00:00 2001

From: Jan Dittberner <jan@dittberner.info>

Date: Thu, 25 Aug 2016 17:17:53 +0200

Subject: [PATCH] Fix a buffer overflow processing long words

​

A buffer overflow processing long words has been discovered. This commit

applies the patch from

https://build.opensuse.org/package/view_file/Base:System/cracklib/0004-overflow-processing-long-words.patch

by Howard Guo.

​

See https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=835386 and

http://www.openwall.com/lists/oss-security/2016/08/23/8

​

Signed-off-by: Stefan Sørensen <stefan.sorensen@spectralink.com>

---

​

Status: upstream, not yet released.

​

 lib/rules.c | 5 ++---

 2 files changed, 3 insertions(+), 3 deletions(-)

​

diff --git a/lib/rules.c b/lib/rules.c

index d193cc0..3a2aa46 100644

--- a/lib/rules.c

+++ b/lib/rules.c

@@ -434,9 +434,8 @@ Mangle(input, control)      /* returns a pointer to a controlled Mangle */

 {

     int limit;

     register char *ptr;

-    static char area[STRINGSIZE];

-    char area2[STRINGSIZE];

-    area[0] = '\0';

+    static char area[STRINGSIZE * 2] = {0};

+    char area2[STRINGSIZE * 2] = {0};

     strcpy(area, input);

     for (ptr = control; *ptr; ptr++)

-- 

2.9.3

​