oss-sec mailing list archives

Re: glibc crypt(3), crypt_r(3), PHP crypt() may use alloca()

From: Solar Designer <solar () openwall com>
Date: Fri, 30 Mar 2012 22:43:33 +0400

On Fri, Mar 30, 2012 at 12:27:31PM -0600, Jeff Law wrote:

I think the right way to handle the return value is to return NULL for 
these cases.  It's posix complaint and the glibc crypt routines already 
return NULL for exceptional conditions.


Do you realize that plenty of services that use crypt() - likely the
majority of them, even - don't handle NULL returns, so they will
segfault when these conditions are triggered?  (That's assuming there
is no way for an attacker to get something mmap()'ed at NULL in the
service.)  I think the NULL returns got into POSIX starting with 2001;
if so, anything written earlier than that legitimately does not handle
NULL returns (and indeed a lot of newer code also does not).

I have to admit that DragonFly BSD also recently went with NULL returns,
and I failed to convince them to do otherwise.

NetBSD went with my suggestion of "*0" / "*1", though.

Alexander

Current thread:

Re: glibc crypt(3), crypt_r(3), PHP crypt() may use alloca() Tomas Hoger (Mar 30)
- Re: glibc crypt(3), crypt_r(3), PHP crypt() may use alloca() Solar Designer (Mar 30)
  - Re: glibc crypt(3), crypt_r(3), PHP crypt() may use alloca() Jeff Law (Mar 30)
    - Re: glibc crypt(3), crypt_r(3), PHP crypt() may use alloca() Solar Designer (Mar 30)
    - Re: glibc crypt(3), crypt_r(3), PHP crypt() may use alloca() Jeff Law (Mar 30)
    - Re: glibc crypt(3), crypt_r(3), PHP crypt() may use alloca() Solar Designer (Mar 30)
    - Re: glibc crypt(3), crypt_r(3), PHP crypt() may use alloca() Jeff Law (Mar 30)