Copied from Debian. From: Petr Stodulka Date: Mon, 14 Sep 2015 18:23:17 +0200 Subject: Upstream fix for heap overflow Bug-Debian: https://bugs.debian.org/802162 Bug-RedHat: https://bugzilla.redhat.com/show_bug.cgi?id=1260944 Origin: https://bugzilla.redhat.com/attachment.cgi?id=1073002 Forwarded: yes --- crypt.c | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) --- a/crypt.c +++ b/crypt.c @@ -465,7 +465,17 @@ GLOBAL(pInfo->encrypted) = FALSE; defer_leftover_input(__G); for (n = 0; n < RAND_HEAD_LEN; n++) { - b = NEXTBYTE; + /* 2012-11-23 SMS. (OUSPG report.) + * Quit early if compressed size < HEAD_LEN. The resulting + * error message ("unable to get password") could be improved, + * but it's better than trying to read nonexistent data, and + * then continuing with a negative G.csize. (See + * fileio.c:readbyte()). + */ + if ((b = NEXTBYTE) == (ush)EOF) + { + return PK_ERR; + } h[n] = (uch)b; Trace((stdout, " (%02x)", h[n])); } 4bb927fc88223a15431428cb741dd1c2c'>refslogtreecommitdiff
path: root/gnu/packages/haxe.scm
AgeCommit message (Expand)Author
2023-04-30gnu: neko: Build with mariadb....* gnu/packages/haxe.scm (neko)[inputs]: Remove mysql. Add mariadb:dev, mariadb:lib. Efraim Flashner
2023-04-30gnu: neko: Make sure not to keep a store reference to HTTPD....* gnu/packages/haxe.scm (neko): Move httpd ... [native-inputs]: ... to here. [arguments]: Forbid keeping a reference to httpd. Leo Famulari
2022-10-23gnu: Fix typos....* gnu/packages/emacs-xyz.scm (emacs-piem)[description]: Fix use of "This packages". * gnu/packages/tex.scm (texlive-hardwrap)[description]: Fix spelling of "arbitrary". * gnu/packages/cran.scm (r-shinymanager)[description]: Fix spelling of "authentication". * gnu/packages/lisp-xyz.scm (sbcl-utils-kt)[description]: Fix spelling of "developed". * gnu/packages/crates-io.scm (rust-fs-utils-1)[description]: Fix spelling of "filesystem". [synopsis]: Likewise. * gnu/packages/haxe.scm (neko)[description]: Fix spelling of "functions". * gnu/packages/animation.scm (swftools)[description]: Fix needless pluralization of "information". * gnu/packages/lisp-xyz.scm (sbcl-slot-extra-options)[description]: Fix spelling of "inheritance". * gnu/packages/emacs-xyz.scm (emacs-js-comint)[description]: Fix spelling of "interpreter". * gnu/packages/coq.scm (coq-mathcomp-finmap)[description]: Fix spelling of "library". * gnu/services/lightdm.scm (lightdm-configuration): Fix spelling of "mechanism". * gnu/packages/emacs-xyz.scm (emacs-citar-org-roam)[synopsis]: Fix spelling of "package". * gnu/packages/games.scm (freerct)[description]: Fix spelling of "responsibilities". * gnu/packages/statistics.scm (r-mixedpower)[description]: Fix spelling of "separate". * gnu/packages/accessibility.scm (espeakup)[description]: Fix spelling of "speech". * gnu/packages/bioinformatics.scm (r-skitools)[synopsis]: Fix spelling of "utilities". * gnu/packages/golang.scm (go-github-com-savsgio-gotils)[synopsis]: Fix spelling of "utilities". [description]: Likewise. * gnu/system.scm (boot-file-system-service os): Fix spelling of "utilities". Vagrant Cascadian
2022-08-03gnu: Add hashlink....* gnu/packages/haxe.scm (hashlink): New variable. Signed-off-by: 宋文武 <iyzsong@member.fsf.org> John Kehayias
2022-08-03gnu: Add haxe....* gnu/packages/haxe.scm (haxelib-src): New variable. (haxe): New variable. Signed-off-by: 宋文武 <iyzsong@member.fsf.org> John Kehayias
2022-08-03gnu: Add neko....* gnu/packages/haxe.scm: New module. (neko): New variable. * gnu/local.mk (GNU_SYSTEM_MODULES): Add new module. Signed-off-by: 宋文武 <iyzsong@member.fsf.org> John Kehayias