Bug#163260: FW: Re: [rt-users] Apache restart: can't login
I forgot to send the patch to this bug; here it is. I'll ping libc
about it again upstream.
Right now, Perl has this code in it:
#ifdef HAS_CRYPT_R
#ifdef __GLIBC__
PL_reentrant_buffer->_crypt_struct.initialized = 0;
#endif
#endif /* HAS_CRYPT_R */
That's the only member of the _crypt_struct it changes at initialization.
This looks legitimate, according to the documentation:
The `crypt_r' function does the same thing as `crypt', but takes
an extra parameter which includes space for its result (among
other things), so it can be reentrant. `data->initialized' must be
cleared to zero before the first time `crypt_r' is called.
But we never clear the rest of the structure. We overwrite the sb0-sb3
tables, and we overwrite the keysched, but we read the current_salt and
current_saltbits out.
Sure enough valgrind detects some uses of uninitialized values in calls to
crypt_r. This patch fixes all of them (except for a couple coming out of
the dynamic linker! Which I'll look at in a bit and the patch doesn't
affect.)
--
Daniel Jacobowitz
MontaVista Software Debian GNU/Linux Developer
2002-10-29 Daniel Jacobowitz <drow@mvista.com>
* crypt/crypt_util.c (__init_des_r): Initialize current_salt
and current_saltbits.
--- crypt/crypt_util.c.fix 2002-10-29 13:56:46.000000000 -0500
+++ crypt/crypt_util.c 2002-10-29 13:56:13.000000000 -0500
@@ -536,6 +536,9 @@
}
}
+ __data->current_saltbits = 0;
+ __data->current_salt[0] = 0;
+ __data->current_salt[1] = 0;
__data->initialized++;
}
On Fri, Nov 08, 2002 at 11:58:28AM -0600, John Goerzen wrote:
> Y'all may be interested in this; there is what appears to be a manifestation
> of this same problem in RT2 (debian package request-tracker) and Perl. The
> Perl people apparently have a "workaround", but this is not yet in Debian,
> and implies that glibc still has a problem.
>
> ----- Forwarded message from Rick Bradley <rt-users@rickbradley.com> -----
>
> From: Rick Bradley <rt-users@rickbradley.com>
> Date: Fri, 8 Nov 2002 11:53:47 -0600
> To: John Goerzen <jgoerzen@complete.org>
> Cc: rt-users@fsck.com
> Subject: Re: [rt-users] Apache restart: can't login
>
> * John Goerzen (jgoerzen@complete.org) [021108 11:52]:
> > > If it's a Linux system it could be a problem with a faulty crypt() in
> > > glibc. Check the archives for more info.
> >
> > Hmm, that could make sense; however, despite repeated googling, I wasn't
> > able to find any relevant info in the archives. Search term suggestions
> > would be welcome :-)
>
> Try these links:
>
> http://lists.fsck.com/pipermail/rt-users/2002-September/010117.html
> http://lists.fsck.com/pipermail/rt-users/2002-October/010256.html
>
> Rick
> --
> http://www.rickbradley.com MUPRN: 67 (62F/62F)
> | big of a deal. There's
> random email haiku | a lot of useless bullshit
> | in the protocol.
>
> ----- End forwarded message -----
>
>
> --
> To UNSUBSCRIBE, email to debian-glibc-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
>
>
--
Daniel Jacobowitz
MontaVista Software Debian GNU/Linux Developer
Reply to: