File pam_radius-bufferoverflow-CVE-2015-9542-fix.patch of Package pam_radius.19457
Index: pam_radius-1.3.16/pam_radius_auth.c
===================================================================
--- pam_radius-1.3.16.orig/pam_radius_auth.c
+++ pam_radius-1.3.16/pam_radius_auth.c
@@ -506,6 +506,9 @@ add_password(AUTH_HDR *request, unsigned
length = MAXPASS;
}
+ memset(hashed + length, 0, sizeof(hashed) - length);
+ memcpy(hashed, password, length);
+
if (length == 0) {
length = AUTH_PASS_LEN; /* 0 maps to 16 */
} if ((length & (AUTH_PASS_LEN - 1)) != 0) {
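Review bot: The added `memset`/`memcpy` pair is in bounds only if `MAXPASS` does not exceed `sizeof(hashed)`, and neither the declaration of `hashed` nor the value of `MAXPASS` is visible in this hunk, so the invariant this overflow fix rests on is undocumented where it is used. I would add a comment above the two lines, for example `/* length <= MAXPASS <= sizeof(hashed): copy the clamped password and zero the tail so the round-up below pads with NULs */`. If the build allows C11, a `_Static_assert(MAXPASS <= sizeof(hashed), "hashed too small");` after the declaration would turn that assumption into a compile-time check. The ordering also deserves a note: the copy has to stay ahead of the round-up, because after it `length` is the padded length and no longer the number of password bytes. `add_password` begins and ends outside the hunk, so whether `hashed` is a true array (which `sizeof(hashed)` requires) should be confirmed there.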
@@ -513,9 +516,6 @@ add_password(AUTH_HDR *request, unsigned
length &= ~(AUTH_PASS_LEN - 1); /* chop it off */
} /* 16*N maps to itself */
- memset(hashed, 0, length);
- memcpy(hashed, password, strlen(password));
-
attr = find_attribute(request, PW_PASSWORD);
if (type == PW_PASSWORD) {