From: Solar Designer
Newsgroups: gmane.linux.lib.musl.general
Subject: Re: New daily reports
Date: Thu, 4 Aug 2011 16:12:29 +0400
Message-ID: <20110804121229.GA23611@openwall.com>
To: musl@lists.openwall.com

On Thu, Aug 04, 2011 at 02:01:09PM +0200, Luka Marčetić wrote:
> On 08/04/2011 01:54 PM, Solar Designer wrote:
> >I am tempted to propose something not on the original list, such as
> >testing of ctype macros and locales, or looking for functions that make
> >variable size allocations on the stack (may be tricked into overwriting
> >another thread's stack or the heap), but I realize that you have more
> >than enough tasks already.
>
> Wouldn't (parts of) those be tasks 0 and 7 respectively (coincidentally,
> the two tasks that were next on my to-do list after the generator)?

I'm afraid that testing of ctype macros and locales for proper operation
and for some peculiar properties (behavior on negative ints, etc.) is
not on the list currently on the wiki, even though I would have liked
such testing to be done eventually.

Task 0 ("Base definition tests") would include making sure that ctype
macros are defined correctly, but not that they work correctly. Or at
least that's how I read Rich's description of this task. Rich?

Task 7 ("Functions which manipulate temp copies of an argument string")
would in fact cover the alloca() issue I referred to above. In glibc,
crypt() and crypt_r() suffer from this problem when the password string
is not 32- or 64-bit aligned (depending on hash type) and the salt
string requests MD5-crypt or one of the SHA-crypt flavors. (The copying
is performed to have the data aligned for word-sized accesses by the
crypto code. So it is skipped when the string happens to be already
aligned.)

Alexander
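
The temp-copy pattern discussed in this message, shown beside a bounded alternative. This is an added example, not part of the original e-mail and not glibc's code; `word_sum`, `digest_alloca`, `digest_bounded` and `KEY_MAX` are hypothetical names chosen for illustration.

```c
#include <alloca.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

#define KEY_MAX 512 /* assumed cap for this example, not a glibc value */

/* Stand-in for hash code that consumes 32-bit words (not a real hash). */
static uint32_t word_sum(const char *p, size_t len)
{
    uint32_t sum = 0, w;
    for (size_t i = 0; i + 4 <= len; i += 4) {
        memcpy(&w, p + i, 4); /* real code would load aligned words directly */
        sum += w;
    }
    return sum;
}

/* Risky pattern: the copy is taken only for a misaligned key, is sized by
   the caller's string, and lives on the stack, so a long key moves the
   stack pointer by an arbitrary amount with no failure path. */
uint32_t digest_alloca(const char *key)
{
    size_t len = strlen(key);
    if ((uintptr_t)key % sizeof(uint32_t) != 0) {
        char *tmp = alloca(len + sizeof(uint32_t));
        tmp += -(uintptr_t)tmp % sizeof(uint32_t); /* align the copy */
        key = memcpy(tmp, key, len);
    }
    return word_sum(key, len);
}

/* Bounded form: reject oversized input, take the (suitably aligned) copy
   from the heap, and report failure instead of assuming success. */
int digest_bounded(const char *key, uint32_t *out)
{
    const char *end = memchr(key, '\0', KEY_MAX + 1);
    if (!end)
        return -1; /* no terminator within the cap: refuse */
    size_t len = (size_t)(end - key);
    char *tmp = malloc(len + 1);
    if (!tmp)
        return -1;
    memcpy(tmp, key, len);
    *out = word_sum(tmp, len);
    free(tmp);
    return 0;
}
```

Because the stack copy happens only on the misaligned path, a test that always passes aligned buffers never exercises it; tests for this class of function should vary both the alignment and the length of the argument.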