summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorUlrich Müller <ulm@gentoo.org>2015-12-12 11:51:29 +0100
committerUlrich Müller <ulm@gentoo.org>2015-12-12 11:51:29 +0100
commit9d37ff891f244eb042a906d35abdd0542314b968 (patch)
tree1d70e57fa446e5dabdf8d1c3606bef73719fe5f6 /patchsets
parentotpcalc-0.97: Import patches from gentoo repository. (diff)
downloadulm-9d37ff891f244eb042a906d35abdd0542314b968.tar.gz
ulm-9d37ff891f244eb042a906d35abdd0542314b968.tar.bz2
ulm-9d37ff891f244eb042a906d35abdd0542314b968.zip
otpcalc: Add 08_all_extract.patch.otpcalc-0.97-patches-1
Port changes to the extract() function from the skey patchset, fixing an out-of-bounds read. Fix signedness of first function argument.
Diffstat (limited to 'patchsets')
-rw-r--r--patchsets/otpcalc/0.97/08_all_extract.patch39
1 files changed, 39 insertions, 0 deletions
diff --git a/patchsets/otpcalc/0.97/08_all_extract.patch b/patchsets/otpcalc/0.97/08_all_extract.patch
new file mode 100644
index 0000000..0f0cf41
--- /dev/null
+++ b/patchsets/otpcalc/0.97/08_all_extract.patch
@@ -0,0 +1,39 @@
+Port changes to the extract() function from the skey patchset,
+fixing an out-of-bounds read.
+
+Fix signedness of first function argument.
+
+--- otpCalc-0.97-orig/utility.c
++++ otpCalc-0.97/utility.c
+@@ -28,21 +28,21 @@
+ #include "utility.h"
+
+
+-static unsigned short extract(char *s, int start, int length)
++static unsigned short extract(unsigned char *s, int start, int length)
+ {
+
+- unsigned char cl;
+- unsigned char cc;
+- unsigned char cr;
+ unsigned int x;
++ int end, i;
+
+
+- cl = s[start / 8];
+- cc = s[start / 8 + 1];
+- cr = s[start / 8 + 2];
+- x = ((int) (cl << 8 | cc) << 8 | cr);
+- x = x >> (24 - (length + (start % 8)));
+- x = (x & (0xffff >> (16 - length)));
++ end = start + length - 1;
++ x = 0;
++ for (i = start / 8; i <= end / 8; i++) {
++ x <<= 8;
++ x |= s[i];
++ }
++ x >>= 7 - end % 8;
++ x &= (1 << length) - 1;
+
+ return (unsigned short)x;
+