[openssl-dev] [openssl.org #4337] SEGV Fault in the DES_fcrypt
Salz, Rich via RT
rt at openssl.org
Tue Feb 23 14:45:04 UTC 2016
From: Rafał Buczko [mailto:rafal.buczko92 at gmail.com]
Sent: Monday, February 22, 2016 8:45 PM
To: openssl-security at openssl.org
Subject: [openssl-security] SEGV Fault in the DES_fcrypt
Hi :),
There is a segmentation fault, in function DES_fcrypt (file: openssl/fcrypt.c:120)
x = ret[0] = ((salt[0] == '\0') ? 'A' : salt[0]);
Eswap0 = con_salt[x] << 2;
x = ret[1] = ((salt[1] == '\0') ? 'A' : salt[1]);
Eswap1 = con_salt[x] << 6;
, which happens to happend when salt input string contains some unusual chars like Ý, © ... (char values from 128 to 255)
OS: Ubuntu 15.10 x86_64
Code:
#include <openssl/des.h>
int main()
{
char ret_buff[14];
//char *DES_fcrypt(const char *buf, const char *salt, char *ret)
DES_fcrypt("bca76;23", "ÝÝ", ret_buff);
return 0;
}
This is my first report, so please be understanding about any incomprehension.
Best Regards
Rafal :).
--
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4337
Please log in as guest with password guest if prompted
More information about the openssl-dev
mailing list