void-packages/srcpkgs/pev/patches/0006-Fixes-116.-Thanks-to-Jakub-Wilk.patch
Đoàn Trần Công Danh c289bc2767 pev: fix crash with -D_FORTIFY_SOURCE=2
While we're at it, correct plugins dir, license, and fix musl build.

Fix: #22604
2020-06-08 07:42:37 +02:00

51 lines
1.6 KiB
Diff

From 97a05b57c3e86a96ff0ca2c4771cf74ff5b05061 Mon Sep 17 00:00:00 2001
From: Jardel Weyrich <jweyrich@gmail.com>
Date: Mon, 17 Jul 2017 11:55:15 -0300
Subject: [PATCH 06/12] Fixes #116. Thanks to Jakub Wilk!
print_basic_hash() declares the output buffer as:
char hash_value[EVP_MAX_MD_SIZE * 2 + 1];
With the current OpenSSL versions, EVP_MAX_MD_SIZE * 2 + 1 is 129.
However, fuzzy_hash_buf() requires an output buffer of size
FUZZY_MAX_RESULT, which is 148.
---
src/pehash.c | 14 +++++++++++---
1 file changed, 11 insertions(+), 3 deletions(-)
diff --git src/pehash.c src/pehash.c
index e49f0c1..f1e6b4c 100644
--- src/pehash.c
+++ src/pehash.c
@@ -229,16 +229,24 @@ static void calc_hash(const char *alg_name, const unsigned char *data, size_t si
static void print_basic_hash(const unsigned char *data, size_t size)
{
- char *basic_hashes[] = { "md5", "sha1", "sha256", "ssdeep" };
- char hash_value[EVP_MAX_MD_SIZE * 2 + 1];
-
if (!data || !size)
return;
+ const size_t openssl_hash_maxsize = EVP_MAX_MD_SIZE * 2 + 1;
+ const size_t ssdeep_hash_maxsize = FUZZY_MAX_RESULT;
+ // Since standard C lacks max(), we do it manually.
+ const size_t hash_maxsize = openssl_hash_maxsize > ssdeep_hash_maxsize
+ ? openssl_hash_maxsize
+ : ssdeep_hash_maxsize;
+ const char *basic_hashes[] = { "md5", "sha1", "sha256", "ssdeep" };
+ char *hash_value = malloc_s(hash_maxsize);
+
for (unsigned i=0; i < sizeof(basic_hashes) / sizeof(char *); i++) {
calc_hash(basic_hashes[i], data, size, hash_value);
output(basic_hashes[i], hash_value);
}
+
+ free(hash_value);
}
typedef struct element {
--
2.26.2.672.g232c24e857