security fix #85650

2 files changed, 21 insertions, 0 deletions

diff --git a/sys-libs/cracklib/files/cracklib-2.7-buffer-packer.patch b/sys-libs/cracklib/files/cracklib-2.7-buffer-packer.patch
new file mode 100644
index 000000000000..8585c79d6e9d
--- /dev/null
+++ b/sys-libs/cracklib/files/cracklib-2.7-buffer-packer.patch
@@ -0,0 +1,20 @@
+Fix a simple buffer overflow.
+
+http://sourceforge.net/mailarchive/message.php?msg_id=11189809
+http://bugs.gentoo.org/show_bug.cgi?id=85650
+
+--- cracklib,2.7/cracklib/packlib.c
++++ cracklib,2.7/cracklib/packlib.c
+@@ -33,9 +33,9 @@
+ 
+     memset(&pdesc, '\0', sizeof(pdesc));
+ 
+-    sprintf(iname, "%s.pwi", prefix);
+-    sprintf(dname, "%s.pwd", prefix);
+-    sprintf(wname, "%s.hwm", prefix);
++    snprintf(iname, STRINGSIZE, "%s.pwi", prefix);
++    snprintf(dname, STRINGSIZE, "%s.pwd", prefix);
++    snprintf(wname, STRINGSIZE, "%s.hwm", prefix);
+ 
+     if (!(pdesc.dfp = fopen(dname, mode)))
+     {
diff --git a/sys-libs/cracklib/files/digest-cracklib-2.7-r11 b/sys-libs/cracklib/files/digest-cracklib-2.7-r11
new file mode 100644
index 000000000000..12a9da188d95
--- /dev/null
+++ b/sys-libs/cracklib/files/digest-cracklib-2.7-r11
@@ -0,0 +1 @@
+MD5 0c84ad7413d9dd3e5c2eaa5f97d53c4a cracklib,2.7.tar.gz 21059