Message-ID: <Z3Osz5tRbd4ieskw@voyager>
Date: Tue, 31 Dec 2024 09:35:27 +0100
From: Markus Wichmann <nullplan@....net>
To: musl@...ts.openwall.com
Cc: Runxi Yu <runxiyuld@...xiyu.org>
Subject: Re: crypt(3) returns "*" from read-only region, segfaulting
 passwd(1) on Alpine for long passwords

On Mon, Dec 30, 2024 at 07:46:21AM +0100, Markus Wichmann wrote:
> On Sun, Dec 29, 2024 at 04:38:03PM +0800, Runxi Yu wrote:
> > musl/src/crypt/crypt_sha512.c
> > > 	if (!p || q != testbuf || memcmp(testbuf, testhash, sizeof testhash))
> > > 		return "*";
>
> It doesn't make sense for these lines to be the problem, because they
> are only triggered if the compiler used for musl was broken and created
> a version of sha512crypt that generates wrong hashes. If this path is
> ever taken, then it is better for passwd to crash than to use any part
> of the hash.
>
> Ciao,
> Markus

I stand corrected. I neglected to look at the "!p" condition. While the
other two conditions for this return are indeed internal error checking
(and maybe crashing explicitly here would be a better solution), the
first one comes from a few conditions inside of sha512crypt, including
keys beyond 256 bytes.

There is no justification for length limits on the password, and nor
for a length limit at exactly 256 bytes. Would CPUs overheat at 257?

Ciao,
Markus
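
Added example, not part of the original message and not musl or passwd code: a caller-side wrapper that treats the pointer returned by crypt(3) as read-only, rejects NULL and any result starting with '*' as a failure token, and copies a real hash into its own buffer. `hash_password`, `crypt_fn`, the `HASH_*` codes and `stub_crypt` are hypothetical names; `stub_crypt` is a constructed stand-in that mimics the behaviour described in this thread (the literal "*" for keys beyond 256 bytes) so the block runs without libcrypt.

```c
#include <stddef.h>
#include <string.h>

/* Same signature as crypt(3); passed in so the wrapper can be exercised
 * without linking libcrypt (assumption made for this example). */
typedef char *(*crypt_fn)(const char *key, const char *setting);

enum { HASH_OK = 0, HASH_REJECTED = -1, HASH_TOO_SMALL = -2 };

/* Hash key and copy the result into caller-owned storage. The pointer
 * returned by fn is only read: it may point at a string literal. */
int hash_password(crypt_fn fn, const char *key, const char *setting,
                  char *out, size_t outlen)
{
    const char *res = fn(key, setting);
    /* NULL or a string starting with '*' is a failure token, not a hash. */
    if (!res || res[0] == '*')
        return HASH_REJECTED;
    size_t n = strlen(res) + 1;
    if (n > outlen)
        return HASH_TOO_SMALL;
    memcpy(out, res, n);   /* from here on the caller works on its own copy */
    return HASH_OK;
}

/* Constructed stand-in: keys beyond 256 bytes yield the literal "*",
 * anything else a fake, fixed hash string. */
static char *stub_crypt(const char *key, const char *setting)
{
    static char buf[64];
    (void)setting;
    if (strlen(key) > 256)
        return (char *)"*";
    strcpy(buf, "$6$constructed$notarealhash");
    return buf;
}

int main(void)
{
    char longkey[301], out[64];
    memset(longkey, 'a', 300);
    longkey[300] = '\0';
    int ok = hash_password(stub_crypt, "short", "$6$constructed$", out, sizeof out);
    int rej = hash_password(stub_crypt, longkey, "$6$constructed$", out, sizeof out);
    return (ok == HASH_OK && rej == HASH_REJECTED) ? 0 : 1;
}
```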
