- Fix ARC2 Buffer Overflow

- Bump PORTREVISION Obtained from: pycrypto git Security: http://www.vuxml.org/freebsd/5a021595-fba9-11dd-86f3-0030843d3802.html
svn path=/head/; revision=228462
2009-02-15 21:51:27 +00:00 · 2009-02-15 21:51:27 +00:00 · 94ffbbfaac · 2021-03-31 03:12:20 +00:00
commit 94ffbbfaac
parent 5a76589457
3 changed files with 27 additions and 2 deletions
--- a/security/py-pycrypto/Makefile
+++ b/security/py-pycrypto/Makefile
@ -7,7 +7,7 @@

 PORTNAME=	pycrypto
 PORTVERSION=	2.0.1
-PORTREVISION=	1
+PORTREVISION=	2
 CATEGORIES=	security python
 MASTER_SITES=	http://www.amk.ca/files/python/crypto/
 PKGNAMEPREFIX=	${PYTHON_PKGNAMEPREFIX}
--- a/security/py-pycrypto/files/patch-src-ARC2.c
+++ b/security/py-pycrypto/files/patch-src-ARC2.c
@ -0,0 +1,25 @@
+diff --git a/src/ARC2.c b/src/ARC2.c
+index eb61713..35d9151 100644
+--- src/ARC2.c
+++ src/ARC2.c
+@@ -11,6 +11,7 @@
+  */
+ 
+ #include <string.h>  
+#include "Python.h"
+ 
+ #define MODULE_NAME ARC2
+ #define BLOCK_SIZE 8
+@@ -144,6 +145,12 @@ block_init(block_state *self, U8 *key, int keylength)
+ 		197,243,219, 71,229,165,156,119, 10,166, 32,104,254,127,193,173
+         };
+ 
+	if ((U32)keylength > sizeof(self->xkey)) {
+		PyErr_SetString(PyExc_ValueError,
+				"ARC2 key length must be less than 128 bytes");
+		return;
+	}
+
+ 	memcpy(self->xkey, key, keylength);
+   
+ 	/* Phase 1: Expand input key to 128 bytes */
--- a/security/py-pycrypto/pkg-descr
+++ b/security/py-pycrypto/pkg-descr
@ -5,4 +5,4 @@ This is a collection of both secure hash functions (such as MD5 and
 SHA), and various encryption algorithms (AES, DES, IDEA, RSA, ElGamal,
 etc.) for Python.

-WWW:	http://www.amk.ca/python/code/crypto.html
+WWW:	http://pycrypto.org