File pam_radius-bufferoverflow-CVE-2015-9542-fix.patch of Package pam_radius.19845

Index: pam_radius-1.4.0/src/pam_radius_auth.c
===================================================================
--- pam_radius-1.4.0.orig/src/pam_radius_auth.c
+++ pam_radius-1.4.0/src/pam_radius_auth.c
@@ -528,6 +528,9 @@ static void add_password(AUTH_HDR *reque
 		length = MAXPASS;
 	}
 
+	memset(hashed + length, 0, sizeof(hashed) - length);
+	memcpy(hashed, password, length);
+
 	if (length == 0) {
 		length = AUTH_PASS_LEN;			/* 0 maps to 16 */
 	} if ((length & (AUTH_PASS_LEN - 1)) != 0) {
@@ -535,9 +538,6 @@ static void add_password(AUTH_HDR *reque
 		length &= ~(AUTH_PASS_LEN - 1);		/* chop it off */
 	}						/* 16*N maps to itself */
 
-	memset(hashed, 0, length);
-	memcpy(hashed, password, strlen(password));
-
 	attr = find_attribute(request, PW_PASSWORD);
 
 	if (type == PW_PASSWORD) {