Bugs item #3603901, was opened at 2013-02-08 18:37 Message generated for change (Tracker Item Submitted) made by You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=611248&aid=3603901&group_id=95403
Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: None Group: None Status: Open Resolution: None Priority: 5 Private: No Submitted By: https://www.google.com/accounts () Assigned to: Nobody/Anonymous (nobody) Summary: incorrect crc32 comparisons Initial Comment: Hello, while performing an audit of vde2 (https://bugs.launchpad.net/ubuntu/+source/vde2/+bug/776818) I found a bug. cryptcab decided to treat crc32 values as a string for some reason. In doing so, it incorrectly compares two crc32 values: int isvalid_crc32(unsigned char *block, int len) { unsigned char *crc=(unsigned char *)crc32(block,len-4); if(strncmp((char*)block+(len-4),(char*)crc,4)==0){ free(crc); return 1; }else{ //fprintf(stderr,"bad crc32!\n"); free(crc); return 0; } } strcmp will stop reading at the first 0x00 character ('\0') in the string, whether it is intentional or not. Further characters are not compared. If the string implementation is desirable, then this code should switch to memcmp(3), and a specified length of '4'. However, this entire string-based comparison could probably be replaced if the crc32() were redesigned to use htonl(3) to manipulate the crc32 values as a single four-byte entity. These can be compared using == directly and without invoking malloc(3) and free(3). However, I have not tested that htonl(3) is an accurate replacement, so please be sure to test this thoroughly. (The existing code may actually be incorrect on PowerPC, SPARC, MIPS, etc. I also haven't tested this guess.) ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=611248&aid=3603901&group_id=95403 ------------------------------------------------------------------------------ Free Next-Gen Firewall Hardware Offer Buy your Sophos next-gen firewall before the end March 2013 and get the hardware for free! Learn more. http://p.sf.net/sfu/sophos-d2d-feb _______________________________________________ vde-users mailing list vde-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/vde-users
