debian/patches-applied/cve-2009-0887-libpam-pam_misc.patch


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32

Patch for cve-2009-0887
int rather than unsigned char is used to index an array.

upstream status: fixed upstream

Index: sid/libpam/pam_misc.c
===================================================================
--- sid.orig/libpam/pam_misc.c	2009-07-24 12:22:34.000000000 -0400
+++ sid/libpam/pam_misc.c	2009-07-24 12:22:45.000000000 -0400
@@ -59,10 +59,11 @@
 
      /* initialize table */
      for (i=1; i<256; table[i++] = '\0');
-     for (i=0; format[i] ; table[(int)format[i++]] = 'y');
+     for (i=0; format[i] ;
+	  table[(unsigned char)format[i++]] = 'y');
 
      /* look for first non-format char */
-     while (*from && table[(int)*from]) {
+     while (*from && table[(unsigned char)*from]) {
 	  ++from;
      }
 
@@ -92,7 +93,7 @@
             remains */
      } else if (*from) {
 	 /* simply look for next blank char */
-	 for (end=from; *end && !table[(int)*end]; ++end);
+	 for (end=from; *end && !table[(unsigned char)*end]; ++end);
      } else {
 	 return (*next = NULL);                    /* no tokens left */
      }