From f8a67ca3126fd22b8705adcb81942a64b76da5c8 Mon Sep 17 00:00:00 2001
From: yixiangzhike <yixiangzhike007@163.com>
Date: Sun, 28 Sep 2025 13:58:29 +0800
Subject: [PATCH] Make buffer static and avoid returning stack-allocated memory

---
 ...ic-and-avoid-returning-stack-allocat.patch | 25 +++++++++++++++++++
 cracklib.spec                                 |  6 ++++-
 2 files changed, 30 insertions(+), 1 deletion(-)
 create mode 100644 backport-Make-buffer-static-and-avoid-returning-stack-allocat.patch

diff --git a/backport-Make-buffer-static-and-avoid-returning-stack-allocat.patch b/backport-Make-buffer-static-and-avoid-returning-stack-allocat.patch
new file mode 100644
index 0000000..d56b3cd
--- /dev/null
+++ b/backport-Make-buffer-static-and-avoid-returning-stack-allocat.patch
@@ -0,0 +1,25 @@
+From 04f5a82fc9b6ffab4d3c1630c220298d72a516bf Mon Sep 17 00:00:00 2001
+From: Leandro Nini <drfiemost@users.noreply.github.com>
+Date: Wed, 29 Mar 2023 19:16:45 +0200
+Subject: [PATCH] Make buffer static and avoid returning stack-allocated memory
+
+---
+ lib/rules.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/lib/rules.c b/lib/rules.c
+index 094a36b..3c587c4 100644
+--- a/lib/rules.c
++++ b/lib/rules.c
+@@ -213,7 +213,7 @@ Purge(string, target)		/* returns pointer to a purged copy */
+     char target;
+ {
+     char *ptr;
+-    char area[STRINGSIZE];
++    static char area[STRINGSIZE];
+     ptr = area;
+     while (*string)
+     {
+-- 
+2.43.0
+
diff --git a/cracklib.spec b/cracklib.spec
index 3c91036..ead1e26 100644
--- a/cracklib.spec
+++ b/cracklib.spec
@@ -5,7 +5,7 @@
 
 Name: cracklib
 Version: 2.9.8
-Release: 2
+Release: 3
 Summary: A password-checking library
 
 License: LGPLv2+
@@ -17,6 +17,7 @@ Patch1: backport-cracklib-2.9.6-lookup.patch
 # After fix-problem-of-error-message-about-simplistic-passwo.patch
 Patch2: fix-error-length-about-simplistic-password.patch
 Patch3: fix-truncating-dict-file-without-input-data.patch
+Patch4: backport-Make-buffer-static-and-avoid-returning-stack-allocat.patch
 
 BuildRequires: gcc, words, gettext, gettext-autopoint, zlib-devel, chrpath
 %if %{with python3}
@@ -164,6 +165,9 @@ make test
 %endif
 
 %changelog
+* Sun Sep 28 2025 yixiangzhike <yixiangzhike007@163.com> - 2.9.8-3
+- Make buffer static and avoid returning stack-allocated memory
+
 * Wed Apr 26 2023 yixiangzhike <yixiangzhike007@163.com> - 2.9.8-2
 - add version for the symbol cracklib-dicts
 
-- 
Gitee