From 6402e212219a2e9faa61f02099c0455e84817b7e Mon Sep 17 00:00:00 2001 From: Oliver Freyermuth Date: Tue, 23 Jan 2024 20:57:35 +0100 Subject: dev-cpp/scitokens-cpp: backport fix for invalid vector access Fixes tests on hardened systems and potential runtime errors. Closes: https://bugs.gentoo.org/922679 Closes: https://github.com/gentoo/gentoo/pull/34980 Signed-off-by: Oliver Freyermuth Signed-off-by: Guilherme Amadio --- ...scitokens-cpp-1.1.0-invalid-vector-access.patch | 24 ++++++++++++++++++++++ 1 file changed, 24 insertions(+) create mode 100644 dev-cpp/scitokens-cpp/files/scitokens-cpp-1.1.0-invalid-vector-access.patch (limited to 'dev-cpp/scitokens-cpp/files') diff --git a/dev-cpp/scitokens-cpp/files/scitokens-cpp-1.1.0-invalid-vector-access.patch b/dev-cpp/scitokens-cpp/files/scitokens-cpp-1.1.0-invalid-vector-access.patch new file mode 100644 index 000000000000..db524b4245d5 --- /dev/null +++ b/dev-cpp/scitokens-cpp/files/scitokens-cpp-1.1.0-invalid-vector-access.patch @@ -0,0 +1,24 @@ +Fix invalid std::vector access (visible with tests on hardened systems) + +From: Mattias Ellert +Bug: https://github.com/scitokens/scitokens-cpp/pull/126 +Bug: https://bugs.gentoo.org/922679 + +--- + src/scitokens_internal.cpp | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +--- a/src/scitokens_internal.cpp ++++ b/src/scitokens_internal.cpp +@@ -978,9 +978,9 @@ bool scitokens::Validator::store_public_ec_key(const std::string &issuer, + auto x_num = BN_num_bytes(x_bignum.get()); + auto y_num = BN_num_bytes(y_bignum.get()); + std::vector x_bin; +- x_bin.reserve(x_num); ++ x_bin.resize(x_num); + std::vector y_bin; +- y_bin.reserve(y_num); ++ y_bin.resize(y_num); + BN_bn2bin(x_bignum.get(), &x_bin[0]); + BN_bn2bin(y_bignum.get(), &y_bin[0]); + std::string x_str(reinterpret_cast(&x_bin[0]), x_num); -- cgit v1.2.3