git: crypt(3) - Paper over sizeof()/strlen() bug causing 32/64-bit issues
Samuel Greear
sjg at crater.dragonflybsd.org
Fri Jan 20 12:03:49 PST 2012
commit 5108d56f29e4e338650bc6fd479474ae383acb46
Author: Samuel J. Greear <sjg at thesjg.com>
Date: Fri Jan 20 13:04:56 2012 -0700
crypt(3) - Paper over sizeof()/strlen() bug causing 32/64-bit issues
* In one place sizeof() was used instead of strlen(), causing the password
to be muxed with 4 bytes of random stack data on 64-bit machines. Codify
this behavior for reverse compatibility.
Summary of changes:
lib/libcrypt/deprecated-crypt-sha256.c | 21 ++++++++++++++++-----
lib/libcrypt/deprecated-crypt-sha512.c | 21 ++++++++++++++++-----
2 files changed, 32 insertions(+), 10 deletions(-)
http://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/5108d56f29e4e338650bc6fd479474ae383acb46
--
DragonFly BSD source repository
More information about the Commits
mailing list