Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20111117022217.GA18757@openwall.com>
Date: Thu, 17 Nov 2011 06:22:17 +0400
From: Solar Designer <solar@...nwall.com>
To: oss-security@...ts.openwall.com
Subject: Re: glibc crypt(3), crypt_r(3), PHP crypt() may use alloca()

On Tue, Nov 15, 2011 at 06:13:24AM +0400, Solar Designer wrote:
> Alternatively, crypt(3) and crypt_r(3) (and the reference code for
> SHA-crypt?) could refuse to work on overly long key or/and salt strings,
> but then the question is what they should do on error.

Here's another related option:

	if (strlen(key) > 100000 || strlen(salt) > 100000)
		abort();

(or something like this).  Ridiculous?  Sure, but it's better than
overwriting another thread's stack or the heap with somewhat higher
lengths, and 100001 chars is not a more reasonable password length to
support than, say, 2 million or 10 million (typical thread stack sizes).

So if we can't decide on a proper fix (does anyone besides me even
care?), something as trivial as the above would be an improvement.

Alexander

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.