From ab1ccc1f4ceb5786bd722d3a66e870a67972b505 Mon Sep 17 00:00:00 2001 From: Eugene Crosser Date: Thu, 23 Apr 2020 21:57:50 +0200 Subject: [PATCH] Increase buffer size for base64 encoder (borrowed) base64 encoder apparently uses one byte more than the formula for base64 encoded size shows. This smashed a local variable, which was not used afterwards and did not cause problems, but triggered stack smash detector if the caller was compiled to use it. --- authfile.c | 2 +- configure.ac | 3 ++- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/authfile.c b/authfile.c index 93157a4..89d3243 100644 --- a/authfile.c +++ b/authfile.c @@ -190,7 +190,7 @@ struct _auth_obj authfile(const char *userid, const char *password, oldmask = umask(077); if ((fp = fopen(nfn, "w"))) { - int bsize = ((ao.datasize-1)/3+1)*4+1; + int bsize = ((ao.datasize-1)/3+1)*4+2; /* why +2 ??? */ char *b64 = alloca(bsize); if (b64_encode(ao.data, ao.datasize, b64, &bsize)) { diff --git a/configure.ac b/configure.ac index 8adf940..2ac5dd9 100644 --- a/configure.ac +++ b/configure.ac @@ -1,6 +1,6 @@ dnl Process this file with autoconf to produce a configure script. -AC_INIT([pam_pcsc_cr], 0.9.5) +AC_INIT([pam_pcsc_cr], 0.9.6) AC_CONFIG_SRCDIR([pam_pcsc_cr.c]) AC_CONFIG_MACRO_DIR([m4]) AM_INIT_AUTOMAKE @@ -11,6 +11,7 @@ AC_PROG_CC if test "X$CC" = "Xgcc"; then CFLAGS="$CFLAGS -Wall" fi +dnl -fstack-protector-all -fsanitize=address AC_PROG_MAKE_SET AC_SUBST(PROGS)dnl -- 2.39.2