rpms / ntp

Clone
Source Code
GIT

Blame SOURCES/ntp-4.2.6p5-cve-2015-3405.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta
  1.   b8042e3e14c6b71ff34ec8b51a4957f08f37a150
  2.   SOURCES
  3.   ntp-4.2.6p5-cve-2015-3405.patch
Blob History Raw
6d3098 
diff -up ntp-4.2.6p5/util/ntp-keygen.c.bigkeygen ntp-4.2.6p5/util/ntp-keygen.c
6d3098 
--- ntp-4.2.6p5/util/ntp-keygen.c.bigkeygen	2015-04-14 09:47:54.205534510 +0200
6d3098 
+++ ntp-4.2.6p5/util/ntp-keygen.c	2015-04-14 09:50:04.068927862 +0200
6d3098 
@@ -742,24 +742,23 @@ gen_md5(
6d3098 
 	ntp_srandom((u_long)epoch);
6d3098 
 	for (i = 1; i <= MD5KEYS; i++) {
6d3098 
 		for (j = 0; j < MD5SIZE; j++) {
6d3098 
-			int temp;
6d3098 
+			u_char temp;
6d3098
6d3098 
 			while (1) {
6d3098 
 				int rc;
6d3098
6d3098 
-				rc = ntp_crypto_random_buf(&temp, 1);
6d3098 
+				rc = ntp_crypto_random_buf(&temp, sizeof(temp));
6d3098 
 				if (-1 == rc) {
6d3098 
 					fprintf(stderr, "ntp_crypto_random_buf() failed.\n");
6d3098 
 					exit (-1);
6d3098 
 				}
6d3098 
-				temp &= 0xff;
6d3098 
 				if (temp == '#')
6d3098 
 					continue;
6d3098
6d3098 
 				if (temp > 0x20 && temp < 0x7f)
6d3098 
 					break;
6d3098 
 			}
6d3098 
-			md5key[j] = (u_char)temp;
6d3098 
+			md5key[j] = temp;
6d3098 
 		}
6d3098 
 		md5key[j] = '\0';
6d3098 
 		fprintf(str, "%2d MD5 %s  # MD5 key\n", i,

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation