Message-ID: <20250408233721.GB23209@openwall.com>
Date: Wed, 9 Apr 2025 01:37:21 +0200
From: Solar Designer <solar@...nwall.com>
To: yescrypt@...ts.openwall.com
Subject: Re: using a hash pointer returned from crypt(3) for yescrypt

Hello Matthias,

On Tue, Apr 08, 2025 at 04:44:03PM +0200, Matthias Apitz wrote:
> ...
> crypt places its result in a static storage area, which will be overwritten
> by subsequent calls to crypt. It is not safe to call crypt from multiple
> threads simultaneously.
> ...
>
> but I thought that this static storage area will be overwritten at the
> end of 'crypt(password, hash);' and not invalidated at the beginning.
>
> Maybe the man page could be improved with:
> ...
> It's also not safe to use the pointer returned as an argument for
> another call to crypt(3).

Thank you for reporting this. I understand that this behavior may be
unexpected. And yes, traditionally the static output buffer would only be
overwritten much later inside crypt(3), after it's done reading its
arguments. It's libxcrypt trying not to leave sensitive data around and to
shorten its lifetime, and maybe being overzealous at that. So I've just
opened this issue:

https://github.com/besser82/libxcrypt/issues/209

Alexander