Date: Thu, 4 Aug 2011 16:12:29 +0400 From: Solar Designer <solar@...nwall.com> To: musl@...ts.openwall.com Subject: Re: New daily reports On Thu, Aug 04, 2011 at 02:01:09PM +0200, Luka Mar??eti?? wrote: > On 08/04/2011 01:54 PM, Solar Designer wrote: > >I am tempted to propose something not on the original list, such as > >testing of ctype macros and locales, or looking for functions that make > >variable size allocations on the stack (may be tricked into overwriting > >another thread's stack or the heap), but I realize that you have more > >than enough tasks already. > > Wouldn't (parts of) those be tasks 0 and 7 respectively (coincidentally, > the two tasks that were next on my to-do list after the generator)? I'm afraid that testing of ctype macros and locales for proper operation and for some peculiar properties (behavior on negative ints, etc.) is not on the list currently on the wiki, even though I would have liked such testing to be done eventually. Task 0 ("Base definition tests") would include making sure that ctype macros are defined correctly, but not that they work correctly. Or at least that's how I read Rich's description of this task. Rich? Task 7 ("Functions which manipulate temp copies of an argument string") would in fact cover the alloca() issue I referred to above. In glibc, crypt() and crypt_r() suffer from this problem when the password string is not 32- or 64-bit aligned (depending on hash type) and the salt string requests MD5-crypt or one of the SHA-crypt flavors. (The copying is performed to have the data aligned for word-sized accesses by the crypto code. So it is skipped when the string happens to be already aligned.) Alexander
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.