Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:61038 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 63885 invoked from network); 29 Jun 2012 12:57:03 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 29 Jun 2012 12:57:03 -0000 Authentication-Results: pb1.pair.com header.from=ircmaxell@gmail.com; sender-id=pass Authentication-Results: pb1.pair.com smtp.mail=ircmaxell@gmail.com; spf=pass; sender-id=pass Received-SPF: pass (pb1.pair.com: domain gmail.com designates 209.85.216.42 as permitted sender) X-PHP-List-Original-Sender: ircmaxell@gmail.com X-Host-Fingerprint: 209.85.216.42 mail-qa0-f42.google.com Received: from [209.85.216.42] ([209.85.216.42:42731] helo=mail-qa0-f42.google.com) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id F4/41-62543-E16ADEF4 for ; Fri, 29 Jun 2012 08:57:02 -0400 Received: by qafi31 with SMTP id i31so714709qaf.8 for ; Fri, 29 Jun 2012 05:56:59 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=bsAc6E7bfsEVaL28BDVnmUMuCjjgJ0e7cbYS7imC5mg=; b=xfwlCXYkIB8do392yP/i8coq1CBJ9lzGIeJYInxfRuROED+db2eFUO8PfhN5fau6KT EJV1Iv/JkfI/fDyvzEdOP08SWwPfIxsMsp48vuKavY8rhoORRevLBkuav0/WfSycLy8a SX4ZhwG/EfnaDKsKHXF0UfPlyePlOHowTXaLbkvn6XQttkhQvAyjsIO76vfRQurZIBP0 k1Y4D9OgiiLhnUP3kRjv9PzDGOHKwOGH2/tSyxCDMyjSnTzG5Ewv5J9jsufb8hmnrbZZ PbY/3jSFetSCNC9kD1mt/DZiqVl5zomEBOY7pUXYDE26HHiB9EPVvqjlI6TwU8mqszQz VG3w== MIME-Version: 1.0 Received: by 10.224.72.210 with SMTP id n18mr3769090qaj.10.1340974619259; Fri, 29 Jun 2012 05:56:59 -0700 (PDT) Received: by 10.229.232.11 with HTTP; Fri, 29 Jun 2012 05:56:59 -0700 (PDT) In-Reply-To: References: Date: Fri, 29 Jun 2012 08:56:59 -0400 Message-ID: To: Nikita Popov Cc: PHP internals Content-Type: text/plain; charset=ISO-8859-1 Subject: Re: [PHP-DEV] Asking for a review of crypt() allocation changes From: ircmaxell@gmail.com (Anthony Ferrara) Additionally, it appears that SHA256/512 are way overallocating the buffer. For SHA512: int needed = (sizeof(sha512_salt_prefix) - 1 + sizeof(sha512_rounds_prefix) + 9 + 1 + salt_in_len + 1 + 86 + 1); output = emalloc(needed); salt[salt_in_len] = '\0'; crypt_res = php_sha512_crypt_r(str, salt, output, needed); // snip memset(output, 0, needed); efree(output); The salt_in_len includes the salt_prefix and the rounds_prefix as well. Since salt_in_len (thanks to the allocations before hand) can be up to PHP_MAX_SALT_LEN http://lxr.php.net/xref/PHP_TRUNK/ext/standard/crypt.c#88 which is 123 characters, the output of the function can be no bigger than PHP_MAX_SALT_LEN. Therefore the "needed" variable can be replaced by PHP_MAX_SALT_LEN everywhere... output = emalloc(MAX_SALT_LEN); salt[salt_in_len] = '\0'; crypt_res = php_sha512_crypt_r(str, salt, output, MAX_SALT_LEN); // snip memset(output, 0, MAX_SALT_LEN); efree(output); We can do the same for sha256. But in that case, we'll be overallocating the buffer as well. Although not nearly as bad as we are now. Thoughts? Anthony On Fri, Jun 29, 2012 at 8:43 AM, Nikita Popov wrote: > Hi internals! > > Anthony and me have been looking a lot at the crypt() code recently > and noticed that there are some strange things going on in the buffer > allocations for the sha algorithms. > > We did two commits to fix them up a bit: > > http://git.php.net/?p=php-src.git;a=commitdiff;h=7e8276ca68fc622124d51d18e4f7b5cde3536de4 > http://git.php.net/?p=php-src.git;a=commitdiff;h=e6cf7d774519300c08399cae5bfba90e33749727 > > The complete code is here: > http://lxr.php.net/xref/PHP_TRUNK/ext/standard/crypt.c#150 > > To prevent another crypt() mess, I'd really appreciate if some people > familiar with the code could look over it. > > Nikita > > -- > PHP Internals - PHP Runtime Development Mailing List > To unsubscribe, visit: http://www.php.net/unsub.php >