Fix possible stack overflow in pwquality_generate() with data from /dev/urandom.

author: Tomas Mraz <tmraz@redhat.com> 2015-08-24 16:20:08 +0200
committer: Tomas Mraz <tmraz@redhat.com> 2015-08-24 16:20:08 +0200
commit: 91e2837c1128f0ee39cbb8dce0dd120ff21d1785 (patch)
tree: bef83d6d30634d75b9c79cf41f33abd5c1833d8a
parent: 3f8572afd6ba86e7b33ff9ec42da26a590ed38e6 (diff)
download: libpwquality-91e2837c1128f0ee39cbb8dce0dd120ff21d1785.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/src/generate.c b/src/generate.c
index 0b83b97..3d22491 100644
--- a/src/generate.c
+++ b/src/generate.c
@@ -100,7 +100,7 @@ consume_entropy(char *buf, int bits, int *remaining, int *offset)
 int
 pwquality_generate(pwquality_settings_t *pwq, int entropy_bits, char **password)
 {
-        char entropy[PWQ_MAX_ENTROPY_BITS/8 + 1];
+        char entropy[(PWQ_MAX_ENTROPY_BITS+PWQ_MAX_ENTROPY_BITS/9)/8 + 2];
         char *tmp;
         int maxlen;
         int try = 0;
author	Tomas Mraz <tmraz@redhat.com>	2015-08-24 16:20:08 +0200
committer	Tomas Mraz <tmraz@redhat.com>	2015-08-24 16:20:08 +0200
commit	91e2837c1128f0ee39cbb8dce0dd120ff21d1785 (patch)
tree	bef83d6d30634d75b9c79cf41f33abd5c1833d8a
parent	3f8572afd6ba86e7b33ff9ec42da26a590ed38e6 (diff)
download	libpwquality-91e2837c1128f0ee39cbb8dce0dd120ff21d1785.tar.gz