41 lines
1.3 KiB
Diff
41 lines
1.3 KiB
Diff
From 0a58300cdea4733afad31df8a4ff283f3b42caca Mon Sep 17 00:00:00 2001
|
|
From: =?UTF-8?q?Bj=C3=B6rn=20Esser?= <besser82@fedoraproject.org>
|
|
Date: Sun, 11 Nov 2018 12:25:50 +0100
|
|
Subject: [PATCH] nthash: The output buffer for gensalt must be at least 30
|
|
bytes long.
|
|
|
|
The size of the buffer provided by 'o_size' must be at least 30 bytes
|
|
long to fit the terminating null byte.
|
|
Also use 'XCRYPT_STRCPY_OR_ABORT' over plain 'memcpy', since it is
|
|
the preferred method to copy strings.
|
|
---
|
|
crypt-nthash.c | 7 ++++---
|
|
1 file changed, 4 insertions(+), 3 deletions(-)
|
|
|
|
diff --git a/crypt-nthash.c b/crypt-nthash.c
|
|
index 5ae7842..bb7c1ff 100644
|
|
--- a/crypt-nthash.c
|
|
+++ b/crypt-nthash.c
|
|
@@ -119,7 +119,7 @@ gensalt_nt_rn (unsigned long count,
|
|
At least 1 byte of RBYTES is needed
|
|
to calculate the MD4 hash used in the
|
|
fake salt. */
|
|
- if ((o_size < 29) || (nrbytes < 1))
|
|
+ if ((o_size < 30) || (nrbytes < 1))
|
|
{
|
|
errno = ERANGE;
|
|
return;
|
|
@@ -142,9 +142,10 @@ gensalt_nt_rn (unsigned long count,
|
|
|
|
for (i = 0; i < 7; i++)
|
|
sprintf (&(hashstr[i * 2]), "%02x", hashbuf[i]);
|
|
+ hashstr[14] = '\0';
|
|
|
|
- memcpy (output, salt, 15);
|
|
- memcpy (output + 15, hashstr, 14+1);
|
|
+ XCRYPT_STRCPY_OR_ABORT (output, o_size, salt);
|
|
+ XCRYPT_STRCPY_OR_ABORT (output + 15, o_size - 15, hashstr);
|
|
}
|
|
|
|
#endif
|