Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/app-crypt/mhash/files/mhash-0.9.9.9-hmac-uaf-test.patch
diff options
context:
space:
mode:
Diffstat (limited to 'app-crypt/mhash/files/mhash-0.9.9.9-hmac-uaf-test.patch')
-rw-r--r--app-crypt/mhash/files/mhash-0.9.9.9-hmac-uaf-test.patch19
1 files changed, 19 insertions, 0 deletions
diff --git a/app-crypt/mhash/files/mhash-0.9.9.9-hmac-uaf-test.patch b/app-crypt/mhash/files/mhash-0.9.9.9-hmac-uaf-test.patch
new file mode 100644
index 000000000000..cd9b3c041891
--- /dev/null
+++ b/app-crypt/mhash/files/mhash-0.9.9.9-hmac-uaf-test.patch
@@ -0,0 +1,19 @@
+https://bugs.gentoo.org/914173
+https://sourceforge.net/p/mhash/patches/12/
+https://sourceforge.net/p/mhash/bugs/43/
+
+Fixes a segfault due to use-after-free on x86 & ARM in the test suite.
+
+Index: mhash-0.9.9.9/src/hmac_test.c
+===================================================================
+--- mhash-0.9.9.9/src/hmac_test.c
++++ mhash-0.9.9.9/src/hmac_test.c 2020-04-01 00:04:44.039815882 +0200
+@@ -76,8 +76,6 @@
+
+ /* Test No 2 */
+
+- mutils_memset(tmp, 0, sizeof(tmp));
+-
+ passlen=sizeof(KEY2) - 1;
+ password = (mutils_word8 *) mutils_malloc(passlen+1);
+ mutils_memcpy(password, KEY2, passlen);