diff options
author | Tomas Mraz <tmraz@redhat.com> | 2015-08-24 16:20:08 +0200 |
---|---|---|
committer | Tomas Mraz <tmraz@redhat.com> | 2015-08-24 16:20:08 +0200 |
commit | 91e2837c1128f0ee39cbb8dce0dd120ff21d1785 (patch) | |
tree | bef83d6d30634d75b9c79cf41f33abd5c1833d8a | |
parent | 3f8572afd6ba86e7b33ff9ec42da26a590ed38e6 (diff) | |
download | libpwquality-91e2837c1128f0ee39cbb8dce0dd120ff21d1785.tar.gz |
Fix possible stack overflow in pwquality_generate() with data from /dev/urandom.
-rw-r--r-- | src/generate.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/generate.c b/src/generate.c index 0b83b97..3d22491 100644 --- a/src/generate.c +++ b/src/generate.c @@ -100,7 +100,7 @@ consume_entropy(char *buf, int bits, int *remaining, int *offset) int pwquality_generate(pwquality_settings_t *pwq, int entropy_bits, char **password) { - char entropy[PWQ_MAX_ENTROPY_BITS/8 + 1]; + char entropy[(PWQ_MAX_ENTROPY_BITS+PWQ_MAX_ENTROPY_BITS/9)/8 + 2]; char *tmp; int maxlen; int try = 0; |