blob: e44bc91a5e314f5a7c314f1c17558f3d8e6dd6ae (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
|
Patch for cve-2009-0887
int rather than unsigned char is used to index an array.
upstream status: fixed upstream
Index: sid/libpam/pam_misc.c
===================================================================
--- sid.orig/libpam/pam_misc.c 2009-07-24 12:22:34.000000000 -0400
+++ sid/libpam/pam_misc.c 2009-07-24 12:22:45.000000000 -0400
@@ -59,10 +59,11 @@
/* initialize table */
for (i=1; i<256; table[i++] = '\0');
- for (i=0; format[i] ; table[(int)format[i++]] = 'y');
+ for (i=0; format[i] ;
+ table[(unsigned char)format[i++]] = 'y');
/* look for first non-format char */
- while (*from && table[(int)*from]) {
+ while (*from && table[(unsigned char)*from]) {
++from;
}
@@ -92,7 +93,7 @@
remains */
} else if (*from) {
/* simply look for next blank char */
- for (end=from; *end && !table[(int)*end]; ++end);
+ for (end=from; *end && !table[(unsigned char)*end]; ++end);
} else {
return (*next = NULL); /* no tokens left */
}
|