29 lines
1.2 KiB
Diff
29 lines
1.2 KiB
Diff
# Prevent gdbm from storing uninitialized memory content
|
|
# to database files. This patch improves security, as the
|
|
# uninitialized memory might contain sensitive informations
|
|
# from other applications.
|
|
# https://bugzilla.redhat.com/show_bug.cgi?id=4457
|
|
# http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=208927
|
|
|
|
--- src/falloc.c.orig 2017-03-14 07:13:25.976990206 +0000
|
|
+++ src/falloc.c 2017-03-14 07:17:27.833002683 +0000
|
|
@@ -278,7 +278,7 @@
|
|
|
|
/* Split the header block. */
|
|
temp = GDBM_DEBUG_ALLOC ("push_avail_block:malloc-failure",
|
|
- malloc (av_size));
|
|
+ calloc (1, av_size));
|
|
if (temp == NULL)
|
|
{
|
|
GDBM_SET_ERRNO (dbf, GDBM_MALLOC_ERROR, TRUE);
|
|
--- src/gdbmopen.c.orig 2017-03-14 07:23:52.954022551 +0000
|
|
+++ src/gdbmopen.c 2017-03-14 07:26:31.950030754 +0000
|
|
@@ -529,7 +529,7 @@
|
|
{
|
|
(dbf->bucket_cache[index]).ca_bucket =
|
|
GDBM_DEBUG_ALLOC ("_gdbm_init_cache:bucket-malloc-failure",
|
|
- malloc (dbf->header->bucket_size));
|
|
+ calloc (1, dbf->header->bucket_size));
|
|
if ((dbf->bucket_cache[index]).ca_bucket == NULL)
|
|
{
|
|
GDBM_SET_ERRNO (dbf, GDBM_MALLOC_ERROR, TRUE);
|