summaryrefslogtreecommitdiffstats
path: root/debian/patches/75_73-Auths-fix-possible-OOB-write-in-SPA-authenticator.-B.patch
diff options
context:
space:
mode:
Diffstat (limited to 'debian/patches/75_73-Auths-fix-possible-OOB-write-in-SPA-authenticator.-B.patch')
-rw-r--r--debian/patches/75_73-Auths-fix-possible-OOB-write-in-SPA-authenticator.-B.patch24
1 files changed, 24 insertions, 0 deletions
diff --git a/debian/patches/75_73-Auths-fix-possible-OOB-write-in-SPA-authenticator.-B.patch b/debian/patches/75_73-Auths-fix-possible-OOB-write-in-SPA-authenticator.-B.patch
new file mode 100644
index 0000000..8c763fa
--- /dev/null
+++ b/debian/patches/75_73-Auths-fix-possible-OOB-write-in-SPA-authenticator.-B.patch
@@ -0,0 +1,24 @@
+From e17b8b0f19b25a223b0cc41933b881c3a1073e61 Mon Sep 17 00:00:00 2001
+From: Jeremy Harris <jgh146exb@wizmail.org>
+Date: Thu, 11 May 2023 19:31:54 +0100
+Subject: [PATCH 3/4] Auths: fix possible OOB write in SPA authenticator. Bug
+ 3000
+
+---
+ doc/doc-txt/ChangeLog | 3 +++
+ src/src/auths/auth-spa.c | 4 +++-
+ 2 files changed, 6 insertions(+), 1 deletion(-)
+
+--- a/src/auths/auth-spa.c
++++ b/src/auths/auth-spa.c
+@@ -1214,7 +1214,9 @@ char versionString[] = "libntlm version
+
+ #define spa_bytes_add(ptr, header, buf, count) \
+ { \
+-if (buf && (count) != 0) /* we hate -Wint-in-bool-contex */ \
++if ( buf && (count) != 0 /* we hate -Wint-in-bool-contex */ \
++ && ptr->bufIndex + count < sizeof(ptr->buffer) \
++ ) \
+ { \
+ SSVAL(&ptr->header.len,0,count); \
+ SSVAL(&ptr->header.maxlen,0,count); \
generated by cgit v1.2.3 (git 2.39.1) at 2024-05-10 00:33:05 +0000