[OFFTOPIC] Re: password encryption

Alan Curry (pacman-kernel@cqc.com)
Thu, 5 Aug 1999 12:58:49 -0500 (EST)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Mofeed Shahin: "2.3.12 - klogd 100% CPU && Bogus Buffer memory count"
Previous message: Steve VanDevender: "Re: Linux 2.2.11pre4"

Robert G. Brown writes the following:
>
>main(argc, argv)
> int argc;
> char **argv;
> {
> char *s,passwd[128],salt[8];
> unsigned long i,iterations;
>
> if(argc != 3) {
> fprintf(stderr, "usage: makepw passwd salt\n");
> exit(1);
> }
> argv++;
> sprintf(passwd,"%s",*argv);

Buffer overflow waiting to happen

> /* Truncate passwd at eight characters on general principles.*/
> passwd[8] = 0;

Wrong. MD5 passwords can be significant to a lot more than 8 chars.

> argv++;
> sprintf(salt,"%s",*argv);

Another buffer overflow waiting to happen

> /* Truncate salt at two characters, ditto. */
> salt[2] = 0;

Wrong. MD5 salt is longer than 2 chars.

> s=crypt(passwd,salt);
> printf("%s\n",s);
> exit(0);
> }

People, don't truncate things before passing them to crypt. It knows more
than you do about the right lengths of passwords and salt.

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

Next message: Mofeed Shahin: "2.3.12 - klogd 100% CPU && Bogus Buffer memory count"
Previous message: Steve VanDevender: "Re: Linux 2.2.11pre4"