backport fix for two-byte out-of-bounds stack write

Closes: #914501

2 files changed, 27 insertions, 0 deletions

diff --git a/debian/patches/914501_fix_two-byte_oob_stack_write b/debian/patches/914501_fix_two-byte_oob_stack_write
new file mode 100644
index 0000000..2457806
--- /dev/null
+++ b/debian/patches/914501_fix_two-byte_oob_stack_write
@@ -0,0 +1,26 @@
+Description: fix two-byte out-of-bounds stack write
+ BASE64_ENCODE_LENGTH() calculates the encoded size without padding
+Author: Timo Weingärtner <timo@tiwe.de>
+Origin: upstream, https://git.tiwe.de/ssh-agent-filter.git/commit/?id=87f2de93a6522bbcf17d1960e78641df8ecd85d3
+Bug-Debian: https://bugs.debian.org/914501
+Forwarded: not-needed
+Last-Update: 2018-11-24
+
+--- ssh-agent-filter-0.4.2.orig/ssh-agent-filter.C
++++ ssh-agent-filter-0.4.2/ssh-agent-filter.C
+@@ -116,12 +116,9 @@ string md5_hex (string const & s) {
+ }
+ 
+ string base64_encode (string const & s) {
+-	struct base64_encode_ctx ctx;
+-	base64_encode_init(&ctx);
+-	uint8_t b64[BASE64_ENCODE_LENGTH(s.size())];
+-	auto len = base64_encode_update(&ctx, b64, s.size(), reinterpret_cast<uint8_t const *>(s.data()));
+-	len += base64_encode_final(&ctx, b64 + len);
+-	return {reinterpret_cast<char const *>(b64), len};
++	uint8_t b64[BASE64_ENCODE_RAW_LENGTH(s.size())];
++	base64_encode_raw(b64, s.size(), reinterpret_cast<uint8_t const *>(s.data()));
++	return {reinterpret_cast<char const *>(b64), sizeof(b64)};
+ }
+ 
+ void cloexec (int fd) {
diff --git a/debian/patches/series b/debian/patches/series
index e5c2fc8..0ae2506 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1 +1,2 @@
 0001-workaround-FTBFS-caused-by-doko
+914501_fix_two-byte_oob_stack_write