diff -r 000000000000 -r eeea35fbf182 patches/glibc/2.1.3/rh62-03-glibc-2.1.3-crypt.patch --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/patches/glibc/2.1.3/rh62-03-glibc-2.1.3-crypt.patch Sat Feb 24 11:00:05 2007 +0000 @@ -0,0 +1,207 @@ +--- glibc-2.1.3/md5-crypt/md5-crypt.c 2000/03/04 00:47:30 1.1 ++++ glibc-2.1.3/md5-crypt/md5-crypt.c 2000/08/24 06:10:02 1.8 +@@ -1,5 +1,5 @@ + /* One way encryption based on MD5 sum. +- Copyright (C) 1996, 1997, 1999 Free Software Foundation, Inc. ++ Copyright (C) 1996, 1997, 1999, 2000 Free Software Foundation, Inc. + This file is part of the GNU C Library. + Contributed by Ulrich Drepper , 1996. + +@@ -18,6 +18,7 @@ + write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330, + Boston, MA 02111-1307, USA. */ + ++#include + #include + #include + #include +@@ -37,9 +38,9 @@ + + + /* Prototypes for local functions. */ +-extern char *__md5_crypt_r __P ((const char *key, const char *salt, +- char *buffer, int buflen)); +-extern char *__md5_crypt __P ((const char *key, const char *salt)); ++extern char *__md5_crypt_r (const char *key, const char *salt, ++ char *buffer, int buflen); ++extern char *__md5_crypt (const char *key, const char *salt); + + + /* This entry point is equivalent to the `crypt' function in Unix +@@ -51,13 +52,16 @@ + char *buffer; + int buflen; + { +- unsigned char alt_result[16]; ++ unsigned char alt_result[16] ++ __attribute__ ((__aligned__ (__alignof__ (md5_uint32)))); + struct md5_ctx ctx; + struct md5_ctx alt_ctx; + size_t salt_len; + size_t key_len; + size_t cnt; + char *cp; ++ char *copied_key = NULL; ++ char *copied_salt = NULL; + + /* Find beginning of salt string. The prefix should normally always + be present. Just in case it is not. */ +@@ -68,6 +72,26 @@ + salt_len = MIN (strcspn (salt, "$"), 8); + key_len = strlen (key); + ++ if ((key - (char *) 0) % __alignof__ (md5_uint32) != 0) ++ { ++ char *tmp = (char *) alloca (key_len + __alignof__ (md5_uint32)); ++ key = copied_key = ++ memcpy (tmp + __alignof__ (md5_uint32) ++ - (tmp - (char *) 0) % __alignof__ (md5_uint32), ++ key, key_len); ++ assert ((key - (char *) 0) % __alignof__ (md5_uint32) == 0); ++ } ++ ++ if ((salt - (char *) 0) % __alignof__ (md5_uint32) != 0) ++ { ++ char *tmp = (char *) alloca (salt_len + __alignof__ (md5_uint32)); ++ salt = copied_salt = ++ memcpy (tmp + __alignof__ (md5_uint32) ++ - (tmp - (char *) 0) % __alignof__ (md5_uint32), ++ salt, salt_len); ++ assert ((salt - (char *) 0) % __alignof__ (md5_uint32) == 0); ++ } ++ + /* Prepare for the real work. */ + __md5_init_ctx (&ctx); + +@@ -195,21 +219,30 @@ + + /* Clear the buffer for the intermediate result so that people + attaching to processes or reading core dumps cannot get any +- information. */ +- memset (alt_result, '\0', sizeof (alt_result)); ++ information. We do it in this way to clear correct_words[] ++ inside the MD5 implementation as well. */ ++ __md5_init_ctx (&ctx); ++ __md5_finish_ctx (&ctx, alt_result); ++ memset (&ctx, '\0', sizeof (ctx)); ++ memset (&alt_ctx, '\0', sizeof (alt_ctx)); ++ if (copied_key != NULL) ++ memset (copied_key, '\0', key_len); ++ if (copied_salt != NULL) ++ memset (copied_salt, '\0', salt_len); + + return buffer; + } + + ++static char *buffer; ++ + char * + __md5_crypt (const char *key, const char *salt) + { + /* We don't want to have an arbitrary limit in the size of the + password. We can compute the size of the result in advance and + so we can prepare the buffer we pass to `md5_crypt_r'. */ +- static char *buffer = NULL; +- static int buflen = 0; ++ static int buflen; + int needed = 3 + strlen (salt) + 1 + 26 + 1; + + if (buflen < needed) +@@ -220,4 +253,12 @@ + } + + return __md5_crypt_r (key, salt, buffer, buflen); ++} ++ ++ ++static void ++__attribute__ ((__destructor__)) ++free_mem (void) ++{ ++ free (buffer); + } +--- glibc-2.1.3/md5-crypt/md5.c 2000/03/04 00:47:30 1.1 ++++ glibc-2.1.3/md5-crypt/md5.c 2000/07/04 18:22:44 1.2 +@@ -1,6 +1,6 @@ +-/* md5.c - Functions to compute MD5 message digest of files or memory blocks ++/* Functions to compute MD5 message digest of files or memory blocks. + according to the definition of MD5 in RFC 1321 from April 1992. +- Copyright (C) 1995, 1996, 1997, 1999 Free Software Foundation, Inc. ++ Copyright (C) 1995, 1996, 1997, 1999, 2000 Free Software Foundation, Inc. + This file is part of the GNU C Library. + + The GNU C Library is free software; you can redistribute it and/or +@@ -217,6 +217,8 @@ + size_t len; + struct md5_ctx *ctx; + { ++ //const void aligned_buffer = buffer; ++ + /* When we already have some bits in our internal buffer concatenate + both inputs first. */ + if (ctx->buflen != 0) +@@ -224,16 +226,20 @@ + size_t left_over = ctx->buflen; + size_t add = 128 - left_over > len ? len : 128 - left_over; + ++ /* Only put full words in the buffer. */ ++ add -= add % __alignof__ (md5_uint32); ++ + memcpy (&ctx->buffer[left_over], buffer, add); + ctx->buflen += add; + +- if (left_over + add > 64) ++ if (ctx->buflen > 64) + { +- md5_process_block (ctx->buffer, (left_over + add) & ~63, ctx); ++ md5_process_block (ctx->buffer, ctx->buflen & ~63, ctx); ++ ++ ctx->buflen &= 63; + /* The regions in the following copy operation cannot overlap. */ + memcpy (ctx->buffer, &ctx->buffer[(left_over + add) & ~63], +- (left_over + add) & 63); +- ctx->buflen = (left_over + add) & 63; ++ ctx->buflen); + } + + buffer = (const char *) buffer + add; +@@ -251,8 +257,17 @@ + /* Move remaining bytes in internal buffer. */ + if (len > 0) + { +- memcpy (ctx->buffer, buffer, len); +- ctx->buflen = len; ++ size_t left_over = ctx->buflen; ++ ++ memcpy (&ctx->buffer[left_over], buffer, len); ++ left_over += len; ++ if (left_over >= 64) ++ { ++ md5_process_block (ctx->buffer, 64, ctx); ++ left_over -= 64; ++ memcpy (ctx->buffer, &ctx->buffer[64], left_over); ++ } ++ ctx->buflen = left_over; + } + } + +--- glibc-2.1.3/md5-crypt/md5.h 2000/03/04 00:47:30 1.1 ++++ glibc-2.1.3/md5-crypt/md5.h 2000/07/04 18:22:44 1.2 +@@ -1,6 +1,6 @@ + /* Declaration of functions and data types used for MD5 sum computing + library functions. +- Copyright (C) 1995, 1996, 1997, 1999 Free Software Foundation, Inc. ++ Copyright (C) 1995, 1996, 1997, 1999, 2000 Free Software Foundation, Inc. + This file is part of the GNU C Library. + + The GNU C Library is free software; you can redistribute it and/or +@@ -87,7 +87,7 @@ + + md5_uint32 total[2]; + md5_uint32 buflen; +- char buffer[128]; ++ char buffer[128] __attribute__ ((__aligned__ (__alignof__ (md5_uint32)))); + }; + + /*