Blame SOURCES/ntp-4.2.6p5-cve-2016-1550.patch
|
 |
6e16f6 |
diff -up ntp-4.2.6p5/libntp/a_md5encrypt.c.cve-2016-1550 ntp-4.2.6p5/libntp/a_md5encrypt.c
|
|
|
6e16f6 |
--- ntp-4.2.6p5/libntp/a_md5encrypt.c.cve-2016-1550 2016-04-27 15:11:40.955168086 +0200
|
|
|
6e16f6 |
+++ ntp-4.2.6p5/libntp/a_md5encrypt.c 2016-04-27 15:13:41.126499861 +0200
|
|
|
6e16f6 |
@@ -88,7 +88,7 @@ MD5authdecrypt(
|
|
|
6e16f6 |
"MAC decrypt: MAC length error");
|
|
|
6e16f6 |
return (0);
|
|
|
6e16f6 |
}
|
|
|
6e16f6 |
- return (!memcmp(digest, (char *)pkt + length + 4, len));
|
|
|
6e16f6 |
+ return (!CRYPTO_memcmp(digest, (char *)pkt + length + 4, len));
|
|
|
6e16f6 |
}
|
|
|
6e16f6 |
|
|
|
6e16f6 |
/*
|
|
|
6e16f6 |
diff -up ntp-4.2.6p5/sntp/crypto.c.cve-2016-1550 ntp-4.2.6p5/sntp/crypto.c
|
|
|
6e16f6 |
--- ntp-4.2.6p5/sntp/crypto.c.cve-2016-1550 2010-11-14 09:47:00.000000000 +0100
|
|
|
6e16f6 |
+++ ntp-4.2.6p5/sntp/crypto.c 2016-04-27 15:13:41.126499861 +0200
|
|
|
6e16f6 |
@@ -58,7 +58,7 @@ auth_md5(
|
|
|
6e16f6 |
if (!hash_len)
|
|
|
6e16f6 |
authentic = FALSE;
|
|
|
6e16f6 |
else
|
|
|
6e16f6 |
- authentic = !memcmp(digest, pkt_data + pkt_size + 4,
|
|
|
6e16f6 |
+ authentic = !CRYPTO_memcmp(digest, pkt_data + pkt_size + 4,
|
|
|
6e16f6 |
hash_len);
|
|
|
6e16f6 |
return authentic;
|
|
|
6e16f6 |
}
|