Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 6 Jul 2012 12:09:50 +0200
From: Frank Dittrich <frank_dittrich@...mail.com>
To: john-dev@...ts.openwall.com
Subject: Re: KRB4: fix memset in afs_cmu_StringToKey()

On 07/06/2012 11:56 AM, magnum wrote:
> On 2012-07-06 10:02, Frank Dittrich wrote:
>> clang 3.0 correctly identified a problem here and issued a warning
>> [-Wsizeof-pointer-memaccess]
>>
>> On linux-x86 (32bit), sizeof(key) is just 4, while sizeof(*key) is 8.
>>
>> Attached patch fixes the problem.
> 
> Are you sure about this? How about sizeof(DES_cblock), what size is that?

Quite sure, sizeof(DES_cblock) is 8.
On 64bit, sizeof(key) == sizeof(*key) == sizeof(DES_cblock) == 8.

Do you prefer sizeof(DES_cblock) instead of sizeof(*key)?
I think that's harder to read.

If you google for afs_cmu_StringToKey, you'll find code snippets which
still use
memset(key, 0, sizeof(key)); // wrong
as well as code snippets which use
memset(key, 0, sizeof(des_cblock)); // correct

Frank

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ