diff options
Diffstat (limited to 'debian/patches-applied/pam_env-fix-overflow.patch')
| -rw-r--r-- | debian/patches-applied/pam_env-fix-overflow.patch | 29 |
1 files changed, 29 insertions, 0 deletions
diff --git a/debian/patches-applied/pam_env-fix-overflow.patch b/debian/patches-applied/pam_env-fix-overflow.patch new file mode 100644 index 00000000..7797359a --- /dev/null +++ b/debian/patches-applied/pam_env-fix-overflow.patch @@ -0,0 +1,29 @@ +Description: correctly count leading whitespace when parsing environment + file (CVE-2011-3148). +Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/pam/+bug/874469 +Author: Kees Cook <kees@debian.org> + +Index: pam-debian/modules/pam_env/pam_env.c +=================================================================== +--- pam-debian.orig/modules/pam_env/pam_env.c 2011-10-14 10:51:30.973701139 -0700 ++++ pam-debian/modules/pam_env/pam_env.c 2011-10-14 12:32:25.578188004 -0700 +@@ -287,6 +287,7 @@ + char *p = buffer; + char *s, *os; + int used = 0; ++ int whitespace; + + /* loop broken with a 'break' when a non-'\\n' ended line is read */ + +@@ -309,8 +310,10 @@ + + /* skip leading spaces --- line may be blank */ + +- s = p + strspn(p, " \n\t"); ++ whitespace = strspn(p, " \n\t"); ++ s = p + whitespace; + if (*s && (*s != '#')) { ++ used += whitespace; + os = s; + + /* |