File des-fcrypt.diff of Package libressl
From: Jan Engelhardt <jengelh@inai.de> References: https://marc.info/?l=openbsd-tech&m=150906184009035&w=2 Do what openssl-1.1 is doing to guard against an otherwise out-of-bounds access. --- crypto/des/fcrypt.c | 2 ++ 1 file changed, 2 insertions(+) Index: libressl-2.6.3/crypto/des/fcrypt.c =================================================================== --- libressl-2.6.3.orig/crypto/des/fcrypt.c +++ libressl-2.6.3/crypto/des/fcrypt.c @@ -78,6 +78,8 @@ char *DES_fcrypt(const char *buf, const * crypt to "*". This was found when replacing the crypt in * our shared libraries. People found that the disabled * accounts effectively had no passwd :-(. */ + if (salt[0] >= sizeof(con_salt) || salt[1] >= sizeof(con_salt)) + return NULL; x=ret[0]=((salt[0] == '\0')?'A':salt[0]); Eswap0=con_salt[x]<<2; x=ret[1]=((salt[1] == '\0')?'A':salt[1]);
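Review bot: the new guard compares `salt[0]` and `salt[1]`, which are `const char`, against `sizeof(con_salt)` (a `size_t`), so a salt byte with the high bit set on a platform where `char` is signed is rejected only because the negative value is converted to a large unsigned number by the usual arithmetic conversions; that is the desired outcome, but it is implicit and trips `-Wsign-compare`, so an explicit cast such as `if ((unsigned char)salt[0] >= sizeof(con_salt) || (unsigned char)salt[1] >= sizeof(con_salt))` would state the intent (reject any index outside the `con_salt` table) and silence the warning. Two smaller points: the check is spliced between the existing comment about disabled accounts and the `'\0' -> 'A'` code that comment describes, so a one-line comment of its own (the "guard against out-of-bounds access" wording from the description would do) keeps the comment block attached to the right code; and `return NULL` is a new result for `DES_fcrypt`, which previously always returned `ret`, so the description should call out that callers now have to handle a NULL return.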