Fix possible stack overflow in the generate function (#1255935)

2015-08-24 16:26:41 +02:00 · 2015-08-24 16:26:41 +02:00 · c7f967cd35
commit c7f967cd35
parent c68f90a496
2 changed files with 26 additions and 1 deletions
--- a/libpwquality-1.3.0-generate-overflow.patch
+++ b/libpwquality-1.3.0-generate-overflow.patch
@ -0,0 +1,20 @@
+# HG changeset patch
+# User Tomas Mraz <tmraz@redhat.com>
+# Date 1440426008 -7200
+#      Mon Aug 24 16:20:08 2015 +0200
+# Node ID a4696cd7cd246f6c34a2d2f1d54d569c5e7ecd84
+# Parent  bb4952bec17e830c751d99a85ae1de32e22cf659
+Fix possible stack overflow in pwquality_generate() with data from /dev/urandom.
+
+diff -r bb4952bec17e -r a4696cd7cd24 src/generate.c
+--- a/src/generate.c	Thu Jul 23 14:11:30 2015 +0200
+++ b/src/generate.c	Mon Aug 24 16:20:08 2015 +0200
+@@ -100,7 +100,7 @@
+ int
+ pwquality_generate(pwquality_settings_t *pwq, int entropy_bits, char **password)
+ {
+-        char entropy[PWQ_MAX_ENTROPY_BITS/8 + 1];
+        char entropy[(PWQ_MAX_ENTROPY_BITS+PWQ_MAX_ENTROPY_BITS/9)/8 + 2];
+         char *tmp;
+         int maxlen;
+         int try = 0;
--- a/libpwquality.spec
+++ b/libpwquality.spec
@ -1,12 +1,13 @@
 Summary: A library for password generation and password quality checking
 Name: libpwquality
 Version: 1.3.0
-Release: 1%{?dist}
+Release: 2%{?dist}
 # The package is BSD licensed with option to relicense as GPLv2+
 # - this option is redundant as the BSD license allows that anyway.
 License: BSD or GPLv2+
 Group: System Environment/Base
 Source0: http://fedorahosted.org/releases/l/i/libpwquality/libpwquality-%{version}.tar.bz2
+Patch1: libpwquality-1.3.0-generate-overflow.patch

 %global _pwqlibdir %{_libdir}
 %global _moduledir %{_libdir}/security
@ -66,6 +67,7 @@ pronounceable passwords from Python applications.

 %prep
 %setup -q
+%patch1 -p1 -b .overflow

 rm -rf %{py3dir}
 cp -a . %{py3dir}
@ -149,6 +151,9 @@ mkdir $RPM_BUILD_ROOT%{_secconfdir}/pwquality.conf.d
 %{python3_sitearch}/*.egg-info

 %changelog
+* Mon Aug 24 2015 Tomáš Mráz <tmraz@redhat.com> 1.3.0-2
+- Fix possible stack overflow in the generate function (#1255935)
+
 * Thu Jul 23 2015 Tomáš Mráz <tmraz@redhat.com> 1.3.0-1
 - Change the defaults for credits, difok, and minlen
 - Make the cracklib check optional but on by default