rpms / 389-ds-base

Clone
Source Code
GIT

Blame SOURCES/0030-Ticket-bz1358565-clear-and-unsalted-password-types-a.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-armhfp c7-beta c8-beta-stream-1.4 c8-stream-1.4 c8s-stream-1.4 c8s-stream-ds c9 c9-beta
  1.   4aa5b29fffb527963f70060cb91ad43c183aae45
  2.   SOURCES
  3.   0030-Ticket-bz1358565-clear-and-unsalted-password-types-a.patch
Blob History Raw
7c7f29 
From 741e8534323f6b7eb5565f8ec09ab2731e52735b Mon Sep 17 00:00:00 2001
7c7f29 
From: Noriko Hosoi <nhosoi@redhat.com>
7c7f29 
Date: Thu, 4 Aug 2016 13:26:44 -0700
7c7f29 
Subject: [PATCH] Ticket bz1358565 -  clear and unsalted password types are
7c7f29 
 vulnerable to timing attack
7c7f29
7c7f29 
Description: Build fails with the commit f0e03b5a51972a125fe78f448d1f68e288782d1e:
7c7f29 
  error: 'for' loop initial declarations are only allowed in C99 mode
7c7f29 
  for (size_t i = 0; i < n; i++) {
7c7f29 
  ^
7c7f29 
Moved "size_t i;" to the top of slapi_ct_memcmp.
7c7f29 
---
7c7f29 
 ldap/servers/slapd/ch_malloc.c | 3 ++-
7c7f29 
 1 file changed, 2 insertions(+), 1 deletion(-)
7c7f29
7c7f29 
diff --git a/ldap/servers/slapd/ch_malloc.c b/ldap/servers/slapd/ch_malloc.c
7c7f29 
index a38268c..705ea86 100644
7c7f29 
--- a/ldap/servers/slapd/ch_malloc.c
7c7f29 
+++ b/ldap/servers/slapd/ch_malloc.c
7c7f29 
@@ -374,12 +374,13 @@ slapi_ct_memcmp( const void *p1, const void *p2, size_t n)
7c7f29 
     int result = 0;
7c7f29 
     const unsigned char *_p1 = (const unsigned char *)p1;
7c7f29 
     const unsigned char *_p2 = (const unsigned char *)p2;
7c7f29 
+    size_t i;
7c7f29
7c7f29 
     if (_p1 == NULL || _p2 == NULL) {
7c7f29 
         return 2;
7c7f29 
     }
7c7f29
7c7f29 
-    for (size_t i = 0; i < n; i++) {
7c7f29 
+    for (i = 0; i < n; i++) {
7c7f29 
         if (_p1[i] ^ _p2[i]) {
7c7f29 
             result = 1;
7c7f29 
         }
7c7f29 
--
7c7f29 
2.4.11
7c7f29

Powered by Pagure 5.13.3

SSH Hostkey/Fingerprint | Documentation