1 files changed, 67 insertions, 0 deletions

diff --git a/pki/patches/pki-core-9.0.3-r2153.patch b/pki/patches/pki-core-9.0.3-r2153.patch
new file mode 100644
index 000000000..6ef3228fe
--- /dev/null
+++ b/pki/patches/pki-core-9.0.3-r2153.patch
@@ -0,0 +1,67 @@
+Index: base/native-tools/src/setpin/setpin_options.c
+===================================================================
+--- base/native-tools/src/setpin/setpin_options.c	(revision 2152)
++++ base/native-tools/src/setpin/setpin_options.c	(revision 2153)
+@@ -31,6 +31,7 @@
+ extern int errcode;
+ 
+ #define PW_DEFAULT_LENGTH 6
++#define ERR_BUF_LENGTH 512
+ 
+ char *valid_args[] = {
+   "host",     "LDAP host                                [required]",
+@@ -182,16 +183,10 @@
+ }
+ 
+ void validateOptions() {
+-  char *errbuf;
+-
+-  errbuf = (char *)malloc(2048);
+-  if (errbuf == NULL) {
+-    errcode=13;
+-    exitError("Couldn't allocate 'errbuf'.");
+-  }
++  char errbuf[ERR_BUF_LENGTH];
+ 
+   if (o_nickname  && equals(o_ssl,"no")) {
+-    sprintf(errbuf,"specifying nickname doesn't make sense with no SSL");
++    snprintf(errbuf, ERR_BUF_LENGTH, "specifying nickname doesn't make sense with no SSL");
+     goto loser;
+   }
+ 
+@@ -243,7 +238,6 @@
+   }
+ 
+   if (o_testpingen) {
+-	free(errbuf);
+ 	return;
+   }
+   
+@@ -263,7 +257,6 @@
+   }
+ 
+   if (o_setup != NULL) {
+-	free(errbuf);
+ 	return;
+   }
+ 
+@@ -281,17 +274,15 @@
+        equals(o_hash,"md5") ||
+        equals(o_hash,"none"))
+       ) {
+-    sprintf(errbuf,"invalid hash: %s",o_hash);
++    snprintf(errbuf, ERR_BUF_LENGTH, "invalid hash: %s",o_hash);
+     goto loser;
+   }
+   if (equals(o_hash,"none")) o_hash = NULL;
+-  free(errbuf);
+       
+   return ;
+   
+  loser:
+-  errcode=14;
+-  free(errbuf);
++  errcode=13;
+   exitError(errbuf);
+ 
+ }