diff options
author | khorben <khorben@pkgsrc.org> | 2018-03-15 19:51:08 +0000 |
---|---|---|
committer | khorben <khorben@pkgsrc.org> | 2018-03-15 19:51:08 +0000 |
commit | 55653e86267962c8cd96e743b64f376dac1bd1d6 (patch) | |
tree | 8132079f990c65fbfe2e1ec078c1a6c646cd9a79 | |
parent | dd7488cd5cbb99b55b18e04e51cb27afc22d534e (diff) | |
download | pkgsrc-55653e86267962c8cd96e743b64f376dac1bd1d6.tar.gz |
Do not truncate pass-phrases without a newline character
This also fixes a crash when the pass-phrase entered is empty.
Originally submitted on tech-pkg@ as:
[PATCH 02/11] Do not truncate pass-phrases without a newline character
Only modified for consistency with the coding style; as also applied in
NetBSD's src repository.
Tested on NetBSD/amd64.
-rw-r--r-- | security/netpgp/Makefile | 4 | ||||
-rw-r--r-- | security/netpgp/distinfo | 3 | ||||
-rw-r--r-- | security/netpgp/patches/patch-src_lib_reader.c | 26 |
3 files changed, 30 insertions, 3 deletions
diff --git a/security/netpgp/Makefile b/security/netpgp/Makefile index 83fef23eece..d09334c4e82 100644 --- a/security/netpgp/Makefile +++ b/security/netpgp/Makefile @@ -1,7 +1,7 @@ -# $NetBSD: Makefile,v 1.25 2018/03/15 19:37:30 khorben Exp $ +# $NetBSD: Makefile,v 1.26 2018/03/15 19:51:08 khorben Exp $ DISTNAME= netpgp-20140220 -PKGREVISION= 3 +PKGREVISION= 4 CATEGORIES= security MASTER_SITES= ${MASTER_SITE_LOCAL} diff --git a/security/netpgp/distinfo b/security/netpgp/distinfo index 96a12fec3eb..ed0bcf6295c 100644 --- a/security/netpgp/distinfo +++ b/security/netpgp/distinfo @@ -1,7 +1,8 @@ -$NetBSD: distinfo,v 1.19 2018/03/15 19:37:30 khorben Exp $ +$NetBSD: distinfo,v 1.20 2018/03/15 19:51:08 khorben Exp $ SHA1 (netpgp-20140220.tar.gz) = 815418cbae5d02a1385cd7947618303e5aa06d5c RMD160 (netpgp-20140220.tar.gz) = 970f55292852d5dbfde3eb17a5fefd6a7c820c4e SHA512 (netpgp-20140220.tar.gz) = ec6cfa0131cd50aee273b81cd64f448258121d7e9c8d4914be39ba59b5c28149bced3866c57f521167480da04b60d9d9bd2b228319dc8baa31328fb7c37e6b96 Size (netpgp-20140220.tar.gz) = 1521820 bytes SHA1 (patch-src_lib_keyring.c) = 937af3b82b07c2817b3b20e6d76043950c7afd29 +SHA1 (patch-src_lib_reader.c) = 2ebaddebbc2f6f42f7391933ebfef39e3a73a367 diff --git a/security/netpgp/patches/patch-src_lib_reader.c b/security/netpgp/patches/patch-src_lib_reader.c new file mode 100644 index 00000000000..8be51eeda12 --- /dev/null +++ b/security/netpgp/patches/patch-src_lib_reader.c @@ -0,0 +1,26 @@ +$NetBSD: patch-src_lib_reader.c,v 1.1 2018/03/15 19:51:08 khorben Exp $ + +Do not truncate pass-phrases without a newline character. + +--- src/lib/reader.c.orig 2012-03-05 02:20:18.000000000 +0000 ++++ src/lib/reader.c +@@ -160,6 +160,7 @@ int + pgp_getpassphrase(void *in, char *phrase, size_t size) + { + char *p; ++ size_t len; + + if (in == NULL) { + while ((p = getpass("netpgp passphrase: ")) == NULL) { +@@ -169,7 +170,10 @@ pgp_getpassphrase(void *in, char *phrase + if (fgets(phrase, (int)size, in) == NULL) { + return 0; + } +- phrase[strlen(phrase) - 1] = 0x0; ++ len = strlen(phrase); ++ if (len >= 1 && phrase[len - 1] == '\n') { ++ phrase[len - 1] = '\0'; ++ } + } + return 1; + } |