From: Terefang Verigorn
Date: Thu, 4 Nov 2021 16:13:22 +0100
To: musl@lists.openwall.com
Subject: [musl] Re: possible buffer overflow in crypt() -- musl-1.2.2

proposed patch:

--- crypt.c 2021-01-15 03:26:00.000000000 +0100 +++ crypt.c.fixed 2021-11-04 16:11:25.540969172 +0100 @@ -9,6 +9,6 @@ * purely to meet the public API requirements of the crypt_r * function; the implementation of crypt_r uses the object * purely as a char buffer. */ - static char buf[128]; - return __crypt_r(key, salt, (struct crypt_data *)buf); + static struct crypt_data buf; + return __crypt_r(key, salt, (struct crypt_data *)&buf); }

On Thu, Nov 4, 2021 at 3:53 PM Terefang Verigorn wrote:
>
> hello
>
> crypt.h declares
> ---
> struct crypt_data {
>     int initialized;
>     char __buf[256];
> };
> ---
>
> but crypt.c uses
> ---
> static char buf[128];
> return __crypt_r(key, salt, (struct crypt_data *)buf);
> ---
>
> the buf[128] should be rather buf[sizeof(crypt_data)]
>
> --
> Terefang

--
-- Document My Code? Why do you think they call it "code" ?
-- App developers spend too much time debugging errors in production systems
https://betanews.com/2016/11/03/developers-debugging-production-errors/
-- “The Principle of Priority states (a) you must know the difference between what is urgent and what is important, and (b) you must do what’s important first.”
Steven Pressfield (born 1943) American writer
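
Review bot: The cast in the added line `return __crypt_r(key, salt, (struct crypt_data *)&buf);` is redundant now that `buf` is declared `static struct crypt_data buf;`. Pass `&buf` directly so the compiler checks the pointer type instead of the cast hiding any later mismatch. The unchanged context comment in the crypt.c hunk still explains the object as being used "purely as a char buffer", which was the rationale for the old `char buf[128]` plus cast; it should be reworded to match a struct-typed static object. The message also does not show how many bytes `__crypt_r` actually writes through the pointer, so the patch description should say whether 128 bytes was in fact too small or whether this is a type-consistency change against the `char __buf[256]` declared in crypt.h, since the static storage grows from 128 bytes to `sizeof(struct crypt_data)` either way.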