mailing list archives
Re: glibc crypt(3), crypt_r(3), PHP crypt() may use alloca()
From: Solar Designer <solar () openwall com>
Date: Fri, 30 Mar 2012 22:43:33 +0400
On Fri, Mar 30, 2012 at 12:27:31PM -0600, Jeff Law wrote:
I think the right way to handle the return value is to return NULL for
these cases. It's posix complaint and the glibc crypt routines already
return NULL for exceptional conditions.
Do you realize that plenty of services that use crypt() - likely the
majority of them, even - don't handle NULL returns, so they will
segfault when these conditions are triggered? (That's assuming there
is no way for an attacker to get something mmap()'ed at NULL in the
service.) I think the NULL returns got into POSIX starting with 2001;
if so, anything written earlier than that legitimately does not handle
NULL returns (and indeed a lot of newer code also does not).
I have to admit that DragonFly BSD also recently went with NULL returns,
and I failed to convince them to do otherwise.
NetBSD went with my suggestion of "*0" / "*1", though.