[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20211104163237.4tjw7wopsg6oe7ow@nutty-noon>
Date: Thu, 4 Nov 2021 17:32:37 +0100
From: Charlotte Delenk <darkkirb@...kkirb.de>
To: musl@...ts.openwall.com
Subject: Re: possible buffer overflow in crypt() -- musl-1.2.2
Hi,
On Thu, Nov 04, 2021 at 03:53:12PM +0100, Terefang Verigorn wrote:
> hello
>
> crypt.h declares
> ---
> struct crypt_data {
> int initialized;
> char __buf[256];
> };
> ---
>
> but crypt.c uses
> ---
> static char buf[128];
> return __crypt_r(key, salt, (struct crypt_data *)buf);
> ---
>
> the buf[128] should be rather buf[sizeof(crypt_data)]
It doesn't appear to be a potential buffer overflow issue. According to
the comment in __crypt_r, the crypt_data struct is only used as an
output buffer. The longest output appears to be around 80 bytes long
>
> --
> Terefang
--
Charlotte
https://keybase.io/darkkirb • GPG Key 3CEF5DDA915AECB0 • https://darkkirb.de
Download attachment "signature.asc" of type "application/pgp-signature" (229 bytes)
Powered by blists - more mailing lists
Confused about mailing lists and their use?
Read about mailing lists on Wikipedia
and check out these
guidelines on proper formatting of your messages.
