From 4de9dd39a6728211e0b3d931e407dc1782ff6090 Mon Sep 17 00:00:00 2001
From: Sam Hartman <hartmans@debian.org>
Date: Fri, 24 Jul 2009 12:27:12 -0400
Subject: cve-2009-0887-libpam-pam_misc.patch: avoid integer signedness problem
 (CVE-2009-0887) (Closes: #520115)

---
 debian/changelog                                   |  6 +++-
 .../cve-2009-0887-libpam-pam_misc.patch            | 32 ++++++++++++++++++++++
 debian/patches-applied/pam_mail-fix-quiet          |  4 +--
 debian/patches-applied/series                      |  1 +
 4 files changed, 40 insertions(+), 3 deletions(-)
 create mode 100644 debian/patches-applied/cve-2009-0887-libpam-pam_misc.patch

diff --git a/debian/changelog b/debian/changelog
index 8666f373..e425b3ae 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -24,7 +24,11 @@ pam (1.0.1-10) UNRELEASED; urgency=low
   * debian/patches/update-motd: run the update-motd scripts in pam_motd;
     render update-motd obsolete, LP: #399071
 
- -- Steve Langasek <vorlon@debian.org>  Sun, 22 Mar 2009 20:36:14 -0700
+  [ Sam Hartman ]
+  * cve-2009-0887-libpam-pam_misc.patch: avoid integer signedness problem
+    (CVE-2009-0887) (Closes: #520115) 
+
+ -- Sam Hartman <hartmans@debian.org>  Fri, 24 Jul 2009 12:24:01 -0400
 
 pam (1.0.1-9) unstable; urgency=low
 
diff --git a/debian/patches-applied/cve-2009-0887-libpam-pam_misc.patch b/debian/patches-applied/cve-2009-0887-libpam-pam_misc.patch
new file mode 100644
index 00000000..e44bc91a
--- /dev/null
+++ b/debian/patches-applied/cve-2009-0887-libpam-pam_misc.patch
@@ -0,0 +1,32 @@
+Patch for cve-2009-0887
+int rather than unsigned char is used to index an array.
+
+upstream status: fixed upstream
+
+Index: sid/libpam/pam_misc.c
+===================================================================
+--- sid.orig/libpam/pam_misc.c	2009-07-24 12:22:34.000000000 -0400
++++ sid/libpam/pam_misc.c	2009-07-24 12:22:45.000000000 -0400
+@@ -59,10 +59,11 @@
+ 
+      /* initialize table */
+      for (i=1; i<256; table[i++] = '\0');
+-     for (i=0; format[i] ; table[(int)format[i++]] = 'y');
++     for (i=0; format[i] ;
++	  table[(unsigned char)format[i++]] = 'y');
+ 
+      /* look for first non-format char */
+-     while (*from && table[(int)*from]) {
++     while (*from && table[(unsigned char)*from]) {
+ 	  ++from;
+      }
+ 
+@@ -92,7 +93,7 @@
+             remains */
+      } else if (*from) {
+ 	 /* simply look for next blank char */
+-	 for (end=from; *end && !table[(int)*end]; ++end);
++	 for (end=from; *end && !table[(unsigned char)*end]; ++end);
+      } else {
+ 	 return (*next = NULL);                    /* no tokens left */
+      }
diff --git a/debian/patches-applied/pam_mail-fix-quiet b/debian/patches-applied/pam_mail-fix-quiet
index 7673effa..b85637ca 100644
--- a/debian/patches-applied/pam_mail-fix-quiet
+++ b/debian/patches-applied/pam_mail-fix-quiet
@@ -5,8 +5,8 @@ Upstream status: applied in upstream CVS September 2008
 
 Index: sid/modules/pam_mail/pam_mail.c
 ===================================================================
---- sid.orig/modules/pam_mail/pam_mail.c	2009-05-30 17:02:33.000000000 -0400
-+++ sid/modules/pam_mail/pam_mail.c	2009-05-30 17:20:28.000000000 -0400
+--- sid.orig/modules/pam_mail/pam_mail.c	2009-07-21 04:31:54.000000000 -0400
++++ sid/modules/pam_mail/pam_mail.c	2009-07-24 12:16:47.000000000 -0400
 @@ -303,8 +303,13 @@
  {
      int retval;
diff --git a/debian/patches-applied/series b/debian/patches-applied/series
index 3e763c96..f9ba7482 100644
--- a/debian/patches-applied/series
+++ b/debian/patches-applied/series
@@ -26,3 +26,4 @@ pam_1.0.4_mindays
 update-motd
 pam_mail-fix-quiet
 
+cve-2009-0887-libpam-pam_misc.patch
-- 
cgit v1.2.3