Date: Thu, 17 Nov 2011 06:22:17 +0400 From: Solar Designer <solar@...nwall.com> To: oss-security@...ts.openwall.com Subject: Re: glibc crypt(3), crypt_r(3), PHP crypt() may use alloca() On Tue, Nov 15, 2011 at 06:13:24AM +0400, Solar Designer wrote: > Alternatively, crypt(3) and crypt_r(3) (and the reference code for > SHA-crypt?) could refuse to work on overly long key or/and salt strings, > but then the question is what they should do on error. Here's another related option: if (strlen(key) > 100000 || strlen(salt) > 100000) abort(); (or something like this). Ridiculous? Sure, but it's better than overwriting another thread's stack or the heap with somewhat higher lengths, and 100001 chars is not a more reasonable password length to support than, say, 2 million or 10 million (typical thread stack sizes). So if we can't decide on a proper fix (does anyone besides me even care?), something as trivial as the above would be an improvement. Alexander
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.