summaryrefslogtreecommitdiff
path: root/development/pycrypto/pycrypto-CVE-2009-0544.patch
diff options
context:
space:
mode:
Diffstat (limited to 'development/pycrypto/pycrypto-CVE-2009-0544.patch')
-rw-r--r--development/pycrypto/pycrypto-CVE-2009-0544.patch24
1 files changed, 24 insertions, 0 deletions
diff --git a/development/pycrypto/pycrypto-CVE-2009-0544.patch b/development/pycrypto/pycrypto-CVE-2009-0544.patch
new file mode 100644
index 0000000000..7d2f11dcd2
--- /dev/null
+++ b/development/pycrypto/pycrypto-CVE-2009-0544.patch
@@ -0,0 +1,24 @@
+diff -p -up pycrypto-2.0.1/src/ARC2.c.orig pycrypto-2.0.1/src/ARC2.c
+--- pycrypto-2.0.1/src/ARC2.c.orig 2002-05-17 10:34:45.000000000 -0300
++++ pycrypto-2.0.1/src/ARC2.c 2009-02-20 13:50:28.000000000 -0300
+@@ -11,6 +11,7 @@
+ */
+
+ #include <string.h>
++#include "Python.h"
+
+ #define MODULE_NAME ARC2
+ #define BLOCK_SIZE 8
+@@ -146,6 +147,12 @@ block_init(block_state *self, U8 *key, i
+ We'll hardwire it to 1024. */
+ #define bits 1024
+
++ if ((U32)keylength > sizeof(self->xkey)) {
++ PyErr_SetString(PyExc_ValueError,
++ "ARC2 key length must be less than 128 bytes");
++ return;
++ }
++
+ memcpy(self->xkey, key, keylength);
+
+ /* Phase 1: Expand input key to 128 bytes */
generated by cgit v1.2.3 (git 2.26.2) at 2024-12-13 16:58:16 +0000