Bug#961429: RFS: cryptopass/1.0.0-1 [ITP] -- CLI utility for generating long, unguessable passwords.
>This prompted me to take a quick look at the source. There are multiple trivially exploitable buffer overflows in this code. E.g. src/cryptopass.c:147-149 :
> usernamelen = strlen(argv);
> memcpy(username, argv, usernamelen);
>You could argue this program is only intended to receive input from a trusted user, but is a user meant to comprehend that passing large command line arguments results in memory corruption? Obviously everyone is free to develop code how they like, but IMHO security packages should be using fuzz testing, that would easily find this issue. AFAICT this code base has no test suite. I would suggest adding one as well as fuzzing this code before exposing the downstream public to it.
> : https://github.com/basilgello/cryptopass/blob/master/src/cryptopass.c#L147-L149
Ouch! That was kinda chilling! :) Finding bugs for others does not guarantee yourself from doing your own ones.
> I would suggest adding one as well as fuzzing this code before exposing the downstream public to it.
Will fix the issues and add testsuite && fuzzcorp ASAP.
BTW I fixed all the stuff GCC 8.3.0 reported me with FORTIFY_SOURCE=2 before pushing code to GitHub.
Did you use GCC 10?