kotovalexarian-likes-github/ruby--ruby
1
0
Fork 0
mirror of https://github.com/ruby/ruby.git synced 2022-11-09 12:17:21 -05:00
Code Releases Activity

crypt_r.c: fix out of bounds access

Browse source 
* missing/crypt_r.c (a64toi): initialize statically and fix out of
  bounds access when salt is not 7bit clean.

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55243 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
This commit is contained in:
nobu 2016-06-01 05:07:55 +00:00
parent 2a27b6c851
commit 9cfc17a210
2 changed files with 21 additions and 10 deletions
Download patch file Download diff file Expand all files Collapse all files

5
ChangeLog
View file

@ -1,3 +1,8 @@
Wed Jun 1 14:07:53 2016 Nobuyoshi Nakada <nobu@ruby-lang.org>
* missing/crypt_r.c (a64toi): initialize statically and fix out of
bounds access when salt is not 7bit clean.
Wed Jun 1 11:34:59 2016 NAKAMURA Usaku <usa@ruby-lang.org>
* win32/Makefile.sub (MISSING): fixed build error introduced at r55237.

26
missing/crypt_r.c
View file

@ -289,12 +289,25 @@ static const unsigned char CIFP[] = { /* compressed/interleaved permutation */
static const unsigned char itoa64[] = /* 0..63 => ascii-64 */
"./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
/* table that converts chars "./0-9A-Za-z"to integers 0-63. */
static const unsigned char a64toi[256] = {
#define A64TOI1(c) \
((c) == '.' ? 0 : \
(c) == '/' ? 1 : \
('0' <= (c) && (c) <= '9') ? (c) - '0' + 2 : \
('A' <= (c) && (c) <= 'Z') ? (c) - 'A' + 12 : \
('a' <= (c) && (c) <= 'z') ? (c) - 'a' + 38 : \
0)
#define A64TOI4(base) A64TOI1(base+0), A64TOI1(base+1), A64TOI1(base+2), A64TOI1(base+3)
#define A64TOI16(base) A64TOI4(base+0), A64TOI4(base+4), A64TOI4(base+8), A64TOI4(base+12)
#define A64TOI64(base) A64TOI16(base+0x00), A64TOI16(base+0x10), A64TOI16(base+0x20), A64TOI16(base+0x30)
A64TOI64(0x00), A64TOI64(0x40),
A64TOI64(0x00), A64TOI64(0x40),
};
/* ===== Tables that are initialized at run time ==================== */
typedef struct {
/* table that converts chars "./0-9A-Za-z"to integers 0-63. */
unsigned char a64toi[128];
/* Initial key schedule permutation */
C_block PC1ROT[64/CHUNKBITS][1<<CHUNKBITS];
@ -317,7 +330,6 @@ static des_tables_t des_tables[1];
static const C_block constdatablock; /* encryption constant */
#define des_tables ((const des_tables_t *)des_tables)
#define a64toi (des_tables->a64toi)
#define PC1ROT (des_tables->PC1ROT)
#define PC2ROT (des_tables->PC2ROT)
#define IE3264 (des_tables->IE3264)
@ -602,12 +614,6 @@ init_des(void)
if (des_tables->ready) return;
/*
* table that converts chars "./0-9A-Za-z"to integers 0-63.
*/
for (i = 0; i < 64; i++)
a64toi[itoa64[i]] = i;
/*
* PC1ROT - bit reverse, then PC1, then Rotate, then PC2.
*/