From 07374488c3bea69c28d4cf53b01262365da4f05f Mon Sep 17 00:00:00 2001 From: Timo Weingärtner Date: Sat, 24 Nov 2018 01:42:00 +0100 Subject: backport fix for two-byte out-of-bounds stack write Closes: #914501 --- debian/patches/914501_fix_two-byte_oob_stack_write | 26 ++++++++++++++++++++++ debian/patches/series | 1 + 2 files changed, 27 insertions(+) create mode 100644 debian/patches/914501_fix_two-byte_oob_stack_write diff --git a/debian/patches/914501_fix_two-byte_oob_stack_write b/debian/patches/914501_fix_two-byte_oob_stack_write new file mode 100644 index 0000000..2457806 --- /dev/null +++ b/debian/patches/914501_fix_two-byte_oob_stack_write @@ -0,0 +1,26 @@ +Description: fix two-byte out-of-bounds stack write + BASE64_ENCODE_LENGTH() calculates the encoded size without padding +Author: Timo Weingärtner +Origin: upstream, https://git.tiwe.de/ssh-agent-filter.git/commit/?id=87f2de93a6522bbcf17d1960e78641df8ecd85d3 +Bug-Debian: https://bugs.debian.org/914501 +Forwarded: not-needed +Last-Update: 2018-11-24 + +--- ssh-agent-filter-0.4.2.orig/ssh-agent-filter.C ++++ ssh-agent-filter-0.4.2/ssh-agent-filter.C +@@ -116,12 +116,9 @@ string md5_hex (string const & s) { + } + + string base64_encode (string const & s) { +- struct base64_encode_ctx ctx; +- base64_encode_init(&ctx); +- uint8_t b64[BASE64_ENCODE_LENGTH(s.size())]; +- auto len = base64_encode_update(&ctx, b64, s.size(), reinterpret_cast(s.data())); +- len += base64_encode_final(&ctx, b64 + len); +- return {reinterpret_cast(b64), len}; ++ uint8_t b64[BASE64_ENCODE_RAW_LENGTH(s.size())]; ++ base64_encode_raw(b64, s.size(), reinterpret_cast(s.data())); ++ return {reinterpret_cast(b64), sizeof(b64)}; + } + + void cloexec (int fd) { diff --git a/debian/patches/series b/debian/patches/series index e5c2fc8..0ae2506 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -1 +1,2 @@ 0001-workaround-FTBFS-caused-by-doko +914501_fix_two-byte_oob_stack_write -- cgit v1.2.3