Re: glibc crypt(3), crypt_r(3), PHP crypt() may use alloca()

[Solar Designer <solar () openwall com>]

On Fri, Mar 30, 2012 at 11:05:32PM +0400, Solar Designer wrote:
> On Fri, Mar 30, 2012 at 12:47:54PM -0600, Jeff Law wrote:
> > On 03/30/2012 12:43 PM, Solar Designer wrote:
> > > Do you realize that plenty of services that use crypt() - likely the
> > > majority of them, even - don't handle NULL returns, so they will
> > > segfault when these conditions are triggered?
> >
> > Then, IMHO,  the app is clearly broken.  Crypt has been defined as 
> > potentially returning NULL and at least for glibc has done so since the 
> > introduction of sha256/sha512, if the app fails to check for that, then 
> > the app needs to be fixed.
>
> Sure.  I am not arguing against fixing the apps (in fact, I am planning
> to fix one of mine - code originally written in 1998 or so - regardless
> of what glibc does on this), but I am arguing for not having glibc
> expose the problem.
>
> Considering the age of Unix, SUSv2 and POSIX.1-2001 are fairly recent
> (I think this may be when the NULL returns were first standardized), and
> glibc's SHA-crypt is very young.  It still makes sense to support apps
> older than that, including without changes.

Paul Wouters (Red Hat) has started to fix the apps:

https://mobile.twitter.com/letoams/status/195181246614224896

"sent crypt() NULL patches out for apg control-center cyrus-sasl openssh
pam passwdqc ppp python screen shadow-utils sysvinit-tools yp-tools
7 days ago"

Thanks again, Paul!

Alexander