Bug#687800: unblock: mcrypt/2.6.8-1.2

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#687800: unblock: mcrypt/2.6.8-1.2
From: Raphael Geissert <geissert@debian.org>
Date: Sat, 15 Sep 2012 19:43:00 -0500
Message-id: <[🔎] 20120916004300.17585.21255.reportbug@localhost>
Reply-to: Raphael Geissert <geissert@debian.org>, 687800@bugs.debian.org

Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock

Please unblock mcrypt (yeah, again).

It fixes some more issues and enables hardening flags via dpkg's .mk

unblock mcrypt/2.6.8-1.2

Thanks in advance.

Cheers,
Raphael Geissert

diff -u mcrypt-2.6.8/debian/rules mcrypt-2.6.8/debian/rules
--- mcrypt-2.6.8/debian/rules
+++ mcrypt-2.6.8/debian/rules
@@ -2,6 +2,9 @@
 # Sample debian/rules that uses debhelper.
 # This file is public domain software, originally written by Joey Hess. 
 
+DPKG_EXPORT_BUILDFLAGS=1
+-include /usr/share/dpkg/buildflags.mk
+
 source-clean:
 	@echo Running distclean if possible
 	$(MAKE) distclean || true
diff -u mcrypt-2.6.8/debian/changelog mcrypt-2.6.8/debian/changelog
--- mcrypt-2.6.8/debian/changelog
+++ mcrypt-2.6.8/debian/changelog
@@ -1,3 +1,12 @@
+mcrypt (2.6.8-1.2) unstable; urgency=high
+
+  * Non-maintainer upload by the Security Team.
+  * Fix three other buffer overflows in check_file_head.
+  * Fix use of uninitialized data when no salt is used.
+  * Enable hardening flags.
+
+ -- Raphael Geissert <geissert@debian.org>  Sat, 15 Sep 2012 13:40:02 -0500
+
 mcrypt (2.6.8-1.1) unstable; urgency=high
 
   * Non-maintainer upload by the Security Team.
diff -u mcrypt-2.6.8/src/extra.c mcrypt-2.6.8/src/extra.c
--- mcrypt-2.6.8/src/extra.c
+++ mcrypt-2.6.8/src/extra.c
@@ -223,7 +223,8 @@
 		}
 
 		read_until_null(tmp_buf, fstream);
-		strcpy(algorithm, tmp_buf);
+		strncpy(algorithm, tmp_buf, 50);
+		algorithm[49] = '\0';
 
 		fread(&keylen, sizeof(short int), 1, fstream);
 #ifdef WORDS_BIGENDIAN
@@ -233,10 +234,12 @@
 #endif
 
 		read_until_null(tmp_buf, fstream);
-		strcpy(mode, tmp_buf);
+		strncpy(mode, tmp_buf, 50);
+		mode[49] = '\0';
 
 		read_until_null(tmp_buf, fstream);
-		strcpy(keymode, tmp_buf);
+		strncpy(keymode, tmp_buf, 50);
+		keymode[49] = '\0';
 		fread(&sflag, 1, 1, fstream);
 		if (m_getbit(6, flags) == 1) { /* if the salt bit is set */
 			if (m_getbit(0, sflag) != 0) { /* if the first bit is set */
only in patch2:
unchanged:
--- mcrypt-2.6.8.orig/src/classic.c
+++ mcrypt-2.6.8/src/classic.c
@@ -437,7 +437,7 @@
    char tmp_buf[BUFFER_SIZE];
    int how = 0;
    int i = 0;
-   int blocksize, crcsize, salt_size;
+   int blocksize, crcsize, salt_size = 0;
    MCRYPT td;
    int pid, buf_block, start;
    word32 *IV = NULL;

Reply to:

Follow-Ups:
- Bug#687800: marked as done (unblock: mcrypt/2.6.8-1.2)
  - From: owner@bugs.debian.org (Debian Bug Tracking System)

Prev by Date: Processed: reopening 681107
Next by Date: Bug#687801: unblock: fcitx/1:4.2.4.1-6
Previous by thread: Processed: reopening 681107
Next by thread: Bug#687800: marked as done (unblock: mcrypt/2.6.8-1.2)
Index(es):
- Date
- Thread