- rel 12; fixes CVE-2017-16997

[packages/glibc.git] / glibc-crypt-blowfish.patch

diff --git a/glibc-crypt-blowfish.patch b/glibc-crypt-blowfish.patch
index 872754695c1b727cf29b7bbdcf0dd1209a7e14c1..961a44a77abf12ace2f5620eadabc079f36b6cfe 100644 (file)
--- a/glibc-crypt-blowfish.patch
+++ b/glibc-crypt-blowfish.patch
@@ -559,7 +559,7 @@ Index: crypt/crypt_blowfish.c
 +              tmp = 0;
 +              for (j = 0; j < 4; j++) {
 +                      tmp <<= 8;
-+                      tmp |= *ptr;
++                      tmp |= (unsigned char)*ptr;
 +
 +                      if (!*ptr) ptr = key; else ptr++;
 +              }
@@ -763,15 +763,15 @@ Index: crypt/crypt-entry.c
 ===================================================================
 --- crypt/crypt-entry.c.orig
 +++ crypt/crypt-entry.c
-@@ -61,6 +61,8 @@ extern char *__sha256_crypt (const char
+@@ -59,6 +59,8 @@ extern char *__sha256_crypt (const char
  extern char *__sha512_crypt_r (const char *key, const char *salt,
                               char *buffer, int buflen);
  extern char *__sha512_crypt (const char *key, const char *salt);
 +extern char *_crypt_blowfish_rn (const char *key, const char *setting,
-+                               char *output, int size);
- #endif
++                              char *output, int size);
  
  /* Define our magic string to mark salt for MD5 encryption
+    replacement.  This is meant to be the same as for other MD5 based
 @@ -74,6 +76,9 @@ static const char sha256_salt_prefix[] =
  /* Magic string for SHA512 encryption.  */
  static const char sha512_salt_prefix[] = "$6$";