Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:99877 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 62996 invoked from network); 15 Jul 2017 21:09:30 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 15 Jul 2017 21:09:30 -0000 Authentication-Results: pb1.pair.com header.from=php@golemon.com; sender-id=softfail Authentication-Results: pb1.pair.com smtp.mail=php@golemon.com; spf=softfail; sender-id=softfail Received-SPF: softfail (pb1.pair.com: domain golemon.com does not designate 74.125.82.46 as permitted sender) X-PHP-List-Original-Sender: php@golemon.com X-Host-Fingerprint: 74.125.82.46 mail-wm0-f46.google.com Received: from [74.125.82.46] ([74.125.82.46:35187] helo=mail-wm0-f46.google.com) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id DB/E4-01782-8848A695 for ; Sat, 15 Jul 2017 17:09:29 -0400 Received: by mail-wm0-f46.google.com with SMTP id w126so46170723wme.0 for ; Sat, 15 Jul 2017 14:09:28 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=golemon-com.20150623.gappssmtp.com; s=20150623; h=mime-version:sender:from:date:message-id:subject:to; bh=Grj2P9YvrXLPY/R5qqrMqDWcR89nkHmbc0wRkO4nHg8=; b=2O2XBgjtyuwfP6XmEgZKIByNSUHjC9QF5gQoqZfKcTuU8REL14AKrKm0vxt6tQRz/Y GkWefBFCRlpO8C8miaAzEZVsZq23ORGv1uaBDFyV93H2AUcZju4YOd+BWH6wVXgW25JQ ONBhvkgJ7hXVqEjt60lO9fTEWGhtq93wvp2jXo09UPuepufZpsYgwjUXf8etllr7KHgO DNCW5OA4WJ2qj0FntA3WCZeeQGtNSyVszrG4FFF97e0RPYM8OAV+T/hfQy3tl/3SWfKD +ShWFM1Ifw66Y1Fv+AGjLO1UDEPW4qH/n7qZZwP2wQHOw2KcYeUf2dM2IWErkYFsG/90 1KdQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:sender:from:date:message-id:subject :to; bh=Grj2P9YvrXLPY/R5qqrMqDWcR89nkHmbc0wRkO4nHg8=; b=ZoddSfiEviuOwvzTzuhXhKM3eU9tcHaT9Y67UqjeZ4xFcHJylDtoo9ik6JO8ewugN1 MmG3XvMC96jjG6GWK0Gz2qnXppK5VbfI+s0+RM+WsztJaKT7EutiLmIw3OkVfvPMnV79 DR31Vb/BZTLf6ohbBOnQFZPN1rLIqUJMhpwIT2QuPFPzfKTtu/gZlxl5cn2OsZawT8DZ AE5MuFfnjhTgapaje1TobtSdxhpIN4frH126ABvYmPYK32pMPNVDHeHmAQX2V+vxKT// cyzKvhacgM1DedLfSpY8MHvWCv89wjMbmY4X3W0u59AuucK6l0tG1rVavqZXBMFFz+KA q02w== X-Gm-Message-State: AIVw110Ryl2WJQs+0+b+f04E67spLs9G7bSBku+zSIDAydzBIS1zmd67 PMo6j/bvccNEdIjLvGQ9ePTX5j+Zl1ovhQE+Wg== X-Received: by 10.28.132.13 with SMTP id g13mr221030wmd.58.1500152965257; Sat, 15 Jul 2017 14:09:25 -0700 (PDT) MIME-Version: 1.0 Sender: php@golemon.com Received: by 10.223.169.139 with HTTP; Sat, 15 Jul 2017 14:09:24 -0700 (PDT) X-Originating-IP: [71.251.16.204] Date: Sat, 15 Jul 2017 17:09:24 -0400 X-Google-Sender-Auth: 1cCYkHgEyiDXnJqT5paXIBg8y70 Message-ID: To: PHP internals Content-Type: text/plain; charset="UTF-8" Subject: php_crypt() problems From: pollita@php.net (Sara Golemon) While exploring password_*() functions, I found myself in php_crypt() and noticed a use-after-free in the PHP_USE_PHP_CRYPT_R==0 case. char *crypt_res; { #if something struct crypt_data buffer; #else CRYPTD buffer; #endif crypt_res = crypt_r(password, salt, &buffer); } return zend_string_init(crypt_res, strlen(crypt_res), 0); The above *looks* fine, until you realize that crypt_r() returns a pointer to a portion of `buffer`. Buffer has fallen out of scope though, so according to spec, it's undefined as to whether or not the memory address will still be trustable. In practice, gcc is okay, but again, not due to defined behavior. --- But wait, there's more. I started moving a few things around to fix this (which turned into something of a refactor) and when I ran the tests, everything was fine. But of course, my build has PHP_USE_PHP_CRYPT_R==1 (as many do, I suspect). So I rebuilt and ran the tests manually flipping PHP_USE_PHP_CRYPT_R to Zero. and the following tests now fail: Test DES with invalid fallback [ext/standard/tests/crypt/des_fallback_invalid_salt.phpt] Test deprecated operation of password_hash() [ext/standard/tests/password/password_deprecated_salts.phpt] Test normal operation of password_hash() [ext/standard/tests/password/password_hash.phpt] Test normal operation of password_verify) [ext/standard/tests/password/password_verify.phpt] Bug #73058 crypt broken when salt is 'too' long [ext/standard/tests/strings/bug73058.phpt] crypt() function [ext/standard/tests/strings/crypt.phpt] Official blowfish tests [ext/standard/tests/strings/crypt_blowfish.phpt] crypt() function - characters > 0x80 [ext/standard/tests/strings/crypt_chars.phpt] crypt(): *0 should return *1 [ext/standard/tests/strings/crypt_des_error.phpt] In some cases, this is just a matter of the two implementations falling out of sync, however a few come down to actual behavioral differences between php_crypt_r() and crypt_r(). This may, of course, be down to my crypt() being broken somehow and that's *why* my build is using the more portable php_crypt_r() implementation... --- TL;DR - Do we have any idea (maybe from QA reports?) how many people are even /using/ system crypt(), and does it make any kind of sense to just remove support for it (and all the myriad #ifdef checks) given that we have a much more portable implementation? -Sara