From: Rafał Buczko [mailto:rafal.buczk...@gmail.com]
Sent: Monday, February 22, 2016 8:45 PM
To: openssl-secur...@openssl.org
Subject: [openssl-security] SEGV Fault in the DES_fcrypt
Hi :),
There is a segmentation fault, in function DES_fcrypt (file:
openssl/fcrypt.c:120)
x = ret[0] = ((salt[0] == '\0') ? 'A' : salt[0]);
Eswap0 = con_salt[x] << 2;
x = ret[1] = ((salt[1] == '\0') ? 'A' : salt[1]);
Eswap1 = con_salt[x] << 6;
, which happens to happend when salt input string contains some unusual chars
like Ý, © ... (char values from 128 to 255)
OS: Ubuntu 15.10 x86_64
Code:
#include
int main()
{
char ret_buff[14];
//char *DES_fcrypt(const char *buf, const char *salt, char *ret)
DES_fcrypt("bca76;23", "ÝÝ", ret_buff);
return 0;
}
This is my first report, so please be understanding about any incomprehension.
Best Regards
Rafal :).
--
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4337
Please log in as guest with password guest if prompted
--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
