void-packages/srcpkgs/gdbm/patches/gdbm-1.10-zeroheaders.patch

39 lines
1.7 KiB
Diff

# Prevent gdbm from storing uninitialized memory content
# to database files. This patch improves security, as the
# uninitialized memory might contain sensitive informations
# from other applications.
# https://bugzilla.redhat.com/show_bug.cgi?id=4457
# http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=208927
--- src/falloc.c.zeroheaders 2011-11-11 11:59:11.000000000 +0100
+++ src/falloc.c 2011-11-14 17:34:32.487604027 +0100
@@ -255,7 +255,7 @@ push_avail_block (GDBM_FILE dbf)
/* Split the header block. */
- temp = (avail_block *) malloc (av_size);
+ temp = (avail_block *) calloc (1, av_size);
if (temp == NULL) _gdbm_fatal (dbf, _("malloc error"));
/* Set the size to be correct AFTER the pop_avail_block. */
temp->size = dbf->header->avail.size;
--- src/gdbmopen.c.zeroheaders 2011-11-11 19:39:42.000000000 +0100
+++ src/gdbmopen.c 2011-11-14 17:33:24.867608650 +0100
@@ -264,7 +264,7 @@ gdbm_open (const char *file, int block_s
(dbf->header->block_size - sizeof (hash_bucket))
/ sizeof (bucket_element) + 1;
dbf->header->bucket_size = dbf->header->block_size;
- dbf->bucket = (hash_bucket *) malloc (dbf->header->bucket_size);
+ dbf->bucket = (hash_bucket *) calloc (1, dbf->header->bucket_size);
if (dbf->bucket == NULL)
{
gdbm_close (dbf);
@@ -456,7 +456,7 @@ _gdbm_init_cache(GDBM_FILE dbf, size_t s
for(index = 0; index < size; index++)
{
(dbf->bucket_cache[index]).ca_bucket
- = (hash_bucket *) malloc (dbf->header->bucket_size);
+ = (hash_bucket *) calloc (1, dbf->header->bucket_size);
if ((dbf->bucket_cache[index]).ca_bucket == NULL)
{
gdbm_errno = GDBM_MALLOC_ERROR;