mailing list of musl libc
 help / color / mirror / code / Atom feed
From: Terefang Verigorn <terefang@gmail.com>
To: musl@lists.openwall.com
Subject: [musl] Re: possible buffer overflow in crypt() -- musl-1.2.2
Date: Thu, 4 Nov 2021 16:13:22 +0100	[thread overview]
Message-ID: <CAFvOk+qf2Tc_4o6ms8cJ8dNjNE+zZ92UaG8CWtzfBJRkT=YK-g@mail.gmail.com> (raw)
In-Reply-To: <CAFvOk+oPyMJdhqavobK3DK5zhgY6puZkziDtUF4yqXkMwPQXZw@mail.gmail.com>

proposed patch:

--- crypt.c     2021-01-15 03:26:00.000000000 +0100
+++ crypt.c.fixed       2021-11-04 16:11:25.540969172 +0100
@@ -9,6 +9,6 @@
         * purely to meet the public API requirements of the crypt_r
         * function; the implementation of crypt_r uses the object
         * purely as a char buffer. */
-       static char buf[128];
-       return __crypt_r(key, salt, (struct crypt_data *)buf);
+       static struct crypt_data buf;
+       return __crypt_r(key, salt, (struct crypt_data *)&buf);
 }

On Thu, Nov 4, 2021 at 3:53 PM Terefang Verigorn <terefang@gmail.com> wrote:
>
> hello
>
> crypt.h declares
> ---
> struct crypt_data {
>    int initialized;
>    char __buf[256];
> };
> ---
>
> but crypt.c uses
> ---
> static char buf[128];
> return __crypt_r(key, salt, (struct crypt_data *)buf);
> ---
>
> the buf[128] should be rather buf[sizeof(crypt_data)]
>
> --
> Terefang



-- 
--
Document My Code? Why do you think they call it "code" ?
--
App developers spend too much time debugging errors in production systems
https://betanews.com/2016/11/03/developers-debugging-production-errors/
--
“The Principle of Priority states (a) you must know the difference
between what is urgent and what is important, and (b) you must do
what’s important first.”
Steven Pressfield (born 1943) American writer

  reply	other threads:[~2021-11-04 15:19 UTC|newest]

Thread overview: 4+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-11-04 14:53 [musl] " Terefang Verigorn
2021-11-04 15:13 ` Terefang Verigorn [this message]
2021-11-04 16:13 ` Rich Felker
2021-11-04 16:32 ` Charlotte Delenk

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to='CAFvOk+qf2Tc_4o6ms8cJ8dNjNE+zZ92UaG8CWtzfBJRkT=YK-g@mail.gmail.com' \
    --to=terefang@gmail.com \
    --cc=musl@lists.openwall.com \
    --subject='[musl] Re: possible buffer overflow in crypt() -- musl-1.2.2' \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Code repositories for project(s) associated with this inbox:

	https://git.vuxu.org/mirror/musl/

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).