oss-sec mailing list archives
Re: glibc crypt(3), crypt_r(3), PHP crypt() may use alloca()
From: Steve Grubb <sgrubb () redhat com>
Date: Wed, 16 Nov 2011 21:32:45 -0500
On Wednesday, November 16, 2011 09:22:17 PM Solar Designer wrote:
On Tue, Nov 15, 2011 at 06:13:24AM +0400, Solar Designer wrote:Alternatively, crypt(3) and crypt_r(3) (and the reference code for SHA-crypt?) could refuse to work on overly long key or/and salt strings, but then the question is what they should do on error.Here's another related option: if (strlen(key) > 100000 || strlen(salt) > 100000) abort(); (or something like this). Ridiculous? Sure, but it's better than overwriting another thread's stack or the heap with somewhat higher lengths, and 100001 chars is not a more reasonable password length to support than, say, 2 million or 10 million (typical thread stack sizes). So if we can't decide on a proper fix (does anyone besides me even care?), something as trivial as the above would be an improvement.
raise(SIGKILL) might be better because abort requests a core dump and you are in crypto code. -Steve
Current thread:
- glibc crypt(3), crypt_r(3), PHP crypt() may use alloca() Solar Designer (Nov 14)
- Re: glibc crypt(3), crypt_r(3), PHP crypt() may use alloca() Solar Designer (Nov 14)
- Re: glibc crypt(3), crypt_r(3), PHP crypt() may use alloca() Solar Designer (Nov 16)
- Re: glibc crypt(3), crypt_r(3), PHP crypt() may use alloca() Steve Grubb (Nov 16)
- Re: glibc crypt(3), crypt_r(3), PHP crypt() may use alloca() Henri Salo (Nov 17)