[PATCH 12/42] libcrypt/crypt-md5.c: Fix overflow issues

Sebastian Huber sebastian.huber at embedded-brains.de
Tue Mar 24 13:28:40 UTC 2015



On 23/03/15 16:51, Gedare Bloom wrote:
> I guess this is a problem for 16-bit targets? changing the constants
> to 16UL and 8UL also should work.

No, this doesn't work.  The type of the << X variable is irrelevant.

> A comment should be made that this
> is only for 16-bit targets. If we rid RTEMS of those, we can get rid
> of some of these shenanigans...
>
> On Mon, Mar 23, 2015 at 10:39 AM, Joel Sherrill
> <joel.sherrill at oarcorp.com> wrote:
>> ---
>>   cpukit/libcrypt/crypt-md5.c | 12 ++++++++++++
>>   1 file changed, 12 insertions(+)
>>
>> diff --git a/cpukit/libcrypt/crypt-md5.c b/cpukit/libcrypt/crypt-md5.c
>> index c60dcf8..78ae0bc 100644
>> --- a/cpukit/libcrypt/crypt-md5.c
>> +++ b/cpukit/libcrypt/crypt-md5.c
>> @@ -133,6 +133,17 @@ crypt_md5_r(const char *pw, const char *salt, struct crypt_data *data)
>>
>>          p = passwd + strlen(passwd);
>>
>> +#if defined(__rtems__)
>> +       l = ((long int) final[ 0]<<16) | ((long int) final[ 6]<<8) | final[12];

Since l is of type unsigned long, the cast should be (unsigned long).

>> +       _crypt_to64(p, l, 4); p += 4;
>> +       l = ((long int) final[ 1]<<16) | ((long int) final[ 7]<<8) | final[13];
>> +       _crypt_to64(p, l, 4); p += 4;
>> +       l = ((long int) final[ 2]<<16) | ((long int) final[ 8]<<8) | final[14];
>> +       _crypt_to64(p, l, 4); p += 4;
>> +       l = ((long int) final[ 3]<<16) | ((long int) final[ 9]<<8) | final[15];
>> +       _crypt_to64(p, l, 4); p += 4;
>> +       l = ((long int) final[ 4]<<16) | ((long int) final[10]<<8) | final[ 5];
>> +#else
>>          l = (final[ 0]<<16) | (final[ 6]<<8) | final[12];
>>          _crypt_to64(p, l, 4); p += 4;
>>          l = (final[ 1]<<16) | (final[ 7]<<8) | final[13];
>> @@ -142,6 +153,7 @@ crypt_md5_r(const char *pw, const char *salt, struct crypt_data *data)
>>          l = (final[ 3]<<16) | (final[ 9]<<8) | final[15];
>>          _crypt_to64(p, l, 4); p += 4;
>>          l = (final[ 4]<<16) | (final[10]<<8) | final[ 5];
>> +#endif
>>          _crypt_to64(p, l, 4); p += 4;
>>          l = final[11];
>>          _crypt_to64(p, l, 2); p += 2;
>> --
>> 1.9.3
>>
>> _______________________________________________
>> devel mailing list
>> devel at rtems.org
>> http://lists.rtems.org/mailman/listinfo/devel
> _______________________________________________
> devel mailing list
> devel at rtems.org
> http://lists.rtems.org/mailman/listinfo/devel

-- 
Sebastian Huber, embedded brains GmbH

Address : Dornierstr. 4, D-82178 Puchheim, Germany
Phone   : +49 89 189 47 41-16
Fax     : +49 89 189 47 41-09
E-Mail  : sebastian.huber at embedded-brains.de
PGP     : Public key available on request.

Diese Nachricht ist keine geschäftliche Mitteilung im Sinne des EHUG.




More information about the devel mailing list