author | Ulrich Müller <ulm@gentoo.org> | 2015-12-12 11:51:29 +0100 |
---|---|---|
committer | Ulrich Müller <ulm@gentoo.org> | 2015-12-12 11:51:29 +0100 |
commit | 9d37ff891f244eb042a906d35abdd0542314b968 (patch) | |
tree | 1d70e57fa446e5dabdf8d1c3606bef73719fe5f6 | |
parent | otpcalc-0.97: Import patches from gentoo repository. (diff) | |
otpcalc: Add 08_all_extract.patch.otpcalc-0.97-patches-1
Port changes to the extract() function from the skey patchset,
fixing an out-of-bounds read.
Fix signedness of first function argument.
-rw-r--r-- | patchsets/otpcalc/0.97/08_all_extract.patch | 39 |
1 files changed, 39 insertions, 0 deletions
diff --git a/patchsets/otpcalc/0.97/08_all_extract.patch b/patchsets/otpcalc/0.97/08_all_extract.patch
new file mode 100644
index 0000000..0f0cf41
--- /dev/null
+++ b/patchsets/otpcalc/0.97/08_all_extract.patch
@@ -0,0 +1,39 @@
+Port changes to the extract() function from the skey patchset,
+fixing an out-of-bounds read.
+
+Fix signedness of first function argument.
+
+--- otpCalc-0.97-orig/utility.c
++++ otpCalc-0.97/utility.c
+@@ -28,21 +28,21 @@
+ #include "utility.h"
+
+
+-static unsigned short extract(char *s, int start, int length)
++static unsigned short extract(unsigned char *s, int start, int length)
+ {
+
+- unsigned char cl;
+- unsigned char cc;
+- unsigned char cr;
+ unsigned int x;
++ int end, i;
+
+
+- cl = s[start / 8];
+- cc = s[start / 8 + 1];
+- cr = s[start / 8 + 2];
+- x = ((int) (cl << 8 | cc) << 8 | cr);
+- x = x >> (24 - (length + (start % 8)));
+- x = (x & (0xffff >> (16 - length)));
++ end = start + length - 1;
++ x = 0;
++ for (i = start / 8; i <= end / 8; i++) {
++ x <<= 8;
++ x |= s[i];
++ }
++ x >>= 7 - end % 8;
++ x &= (1 << length) - 1;
+
+ return (unsigned short)x;
+
|
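Review bot: The rewritten extract() body still takes `start` and `length` on trust: nothing checks `start >= 0` or `1 <= length <= 16`, and because no buffer size is passed in, the upper bound of the byte loop (`end / 8`) is only as safe as the call sites, which are outside this hunk. With a 32-bit int the signed `1 << length` is undefined for `length >= 31`, and a field spanning more than four bytes silently shifts its top bits out of `x`. I would make the mask unsigned, `x &= (1u << length) - 1;`, and state the precondition at the top of the function, e.g. `assert(start >= 0 && length >= 1 && length <= 16);` (assuming `<assert.h>` is acceptable in utility.c) or an equivalent early return. Since the function never writes through `s`, the parameter could also be `const unsigned char *s`. The closing brace of extract() lies past the end of the hunk.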