Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/dev-python/pycrypto/files
diff options
context:
space:
mode:
Diffstat (limited to 'dev-python/pycrypto/files')
-rw-r--r--dev-python/pycrypto/files/pycrypto-2.0.1-CVE-2009-0544.patch23
1 files changed, 23 insertions, 0 deletions
diff --git a/dev-python/pycrypto/files/pycrypto-2.0.1-CVE-2009-0544.patch b/dev-python/pycrypto/files/pycrypto-2.0.1-CVE-2009-0544.patch
new file mode 100644
index 000000000000..9a4734cf608d
--- /dev/null
+++ b/dev-python/pycrypto/files/pycrypto-2.0.1-CVE-2009-0544.patch
@@ -0,0 +1,23 @@
+--- src/ARC2.c.orig 2009-03-03 23:53:08.000000000 -0430
++++ src/ARC2.c 2009-03-03 23:53:08.000000000 -0430
+@@ -11,6 +11,7 @@
+ */
+
+ #include <string.h>
++#include "Python.h"
+
+ #define MODULE_NAME ARC2
+ #define BLOCK_SIZE 8
+@@ -146,6 +147,12 @@
+ We'll hardwire it to 1024. */
+ #define bits 1024
+
++ if ((U32)keylength > sizeof(self->xkey)) {
++ PyErr_SetString(PyExc_ValueError,
++ "ARC2 key length must be less than 128 bytes");
++ return;
++ }
++
+ memcpy(self->xkey, key, keylength);
+
+ /* Phase 1: Expand input key to 128 bytes */