Bump netpgpverify and libnetpgpverify to 20191003 - fix problem

pointed out by mrg and gcc8: + don't read an automatic array element we haven't already written
author: agc <agc@pkgsrc.org> 2019-10-03 20:18:12 +0000
committer: agc <agc@pkgsrc.org> 2019-10-03 20:18:12 +0000
commit: 9d2a1ae1acb9d1ebd5df4a2ecad2265cd7eb386f (patch)
tree: e83b2fa1645536c13825c1e0c5394529a06215ec /security/netpgpverify
parent: 510300e048a611d87da0f47a883728681bdbce2e (diff)
download: pkgsrc-9d2a1ae1acb9d1ebd5df4a2ecad2265cd7eb386f.tar.gz
2 files changed, 3 insertions, 3 deletions
diff --git a/security/netpgpverify/files/bignum.c b/security/netpgpverify/files/bignum.c
index 6dfa0532416..96bae96fb1d 100644
--- a/security/netpgpverify/files/bignum.c
+++ b/security/netpgpverify/files/bignum.c
@@ -2308,7 +2308,7 @@ fast_col_array_multiply(mp_int * a, mp_int * b, mp_int * c, int digs)
 		tmpc = c->dp;
 		for (ix = 0; ix < pa+1; ix++) {
 			/* now extract the previous digit [below the carry] */
-			*tmpc++ = W[ix];
+			*tmpc++ = (ix < pa) ? W[ix] : 0;
 		}
 
 		/* clear unused digits [that existed in the old copy of c] */
diff --git a/security/netpgpverify/files/verify.h b/security/netpgpverify/files/verify.h
index 4121d377122..d772ec2acf1 100644
--- a/security/netpgpverify/files/verify.h
+++ b/security/netpgpverify/files/verify.h
@@ -23,9 +23,9 @@
  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 #ifndef NETPGP_VERIFY_H_
-#define NETPGP_VERIFY_H_	20190117
+#define NETPGP_VERIFY_H_	20191003
 
-#define NETPGPVERIFY_VERSION	"netpgpverify portable 20190117"
+#define NETPGPVERIFY_VERSION	"netpgpverify portable 20191003"
 
 #include <sys/types.h>
author	agc <agc@pkgsrc.org>	2019-10-03 20:18:12 +0000
committer	agc <agc@pkgsrc.org>	2019-10-03 20:18:12 +0000
commit	9d2a1ae1acb9d1ebd5df4a2ecad2265cd7eb386f (patch)
tree	e83b2fa1645536c13825c1e0c5394529a06215ec /security/netpgpverify
parent	510300e048a611d87da0f47a883728681bdbce2e (diff)
download	pkgsrc-9d2a1ae1acb9d1ebd5df4a2ecad2265cd7eb386f.tar.gz