On Fri, Apr 12, 2019 at 6:04 AM mingli.yu@windriver.com wrote:
From: Mingli Yu Mingli.Yu@windriver.com
Use malloc and strncpy together to replace strdup for salt initialization, to fix the segmentation fault below:

  # echo -n passwd | nettle-pbkdf2 -i 1 -l 16 salt
  [65534.886509] nettle-pbkdf2[708]: segfault at 1f594260 ip 00007f3332256998 sp 00007fff60d44410 error 4 in libnettle.so.6.5[7f3332244000+1d00]
  [65534.887525] Code: e8 6d db fe ff 44 01 6d 68 48 83 c4 08 5b 5d 41 5c 41 5d 41 5e 41 5f c3 66 2e 0f 1f 84 00 00 00 00 00 49 89 dc e9 68 ff f
  Segmentation fault
Signed-off-by: Mingli Yu Mingli.Yu@windriver.com
 tools/nettle-pbkdf2.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/tools/nettle-pbkdf2.c b/tools/nettle-pbkdf2.c index fe6528d..6ecb206 100644 --- a/tools/nettle-pbkdf2.c +++ b/tools/nettle-pbkdf2.c @@ -143,7 +143,10 @@ main (int argc, char **argv) return EXIT_FAILURE; }
- salt = strdup (argv[0]);
- salt = malloc (strlen(argv[0]) + 1);
- if (! salt)
die ("Failed to allocate memory for salt\n");
- strncpy(salt, argv[0], sizeof(salt) - 1);
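Review bot: the length passed to strncpy in the last added line is wrong: `salt` is a `char *` (it was the result of `strdup`), so `sizeof(salt) - 1` is the pointer size minus one (7 on LP64, 3 on 32-bit), not the `strlen(argv[0]) + 1` bytes just allocated. A salt of 7 or more characters is silently truncated and left with no NUL terminator inside its allocation, and a shorter one, such as the `salt` argument in the commit message, makes strncpy pad with NULs up to 7 bytes and write past the 5-byte allocation. Copy `strlen(argv[0]) + 1` bytes (e.g. with memcpy), at which point the hunk does exactly what strdup already does, and the commit message should then say why strdup is believed to fault here: the quoted kernel line reports a read fault at `1f594260`, not a NULL dereference, so a malloc-plus-copy of the same bytes is not obviously a fix for it.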
Hi,
Isn't this a bug in libc/strdup and not in nettle? This implementation is the same as what is expected from strdup.
As a workaround I would have added CPPFLAGS="-Dstrdup(x) ...." instead of introducing workarounds for libc bugs, and sent a patch to the libc, as this may affect more than this single strdup.
Even if such a workaround is to be added, it should be added using autoconf detection and a stub of _strdup(x) and a #define strdup _strdup if a known issue is detected; again, this should affect all strdup usages.
I would add the die statement, but not replace the strdup.
  salt = strdup(argv[0]);
+ if (!salt)
+   die(...)
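Review bot: the added NULL check only covers allocation failure in strdup; the kernel line quoted in the commit message shows a fault at `1f594260`, not at address 0, so `if (!salt) die(...)` would not have caught the reported crash, even though it is correct hardening for the strdup call on its own.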
However, looking at the code, I believe the allocation of memory is not required... it can be:
- salt = strdup (argv[0]);
- salt_length = strlen(argv[0]);
+ salt = argv[0];
+ salt_length = strlen(salt);
...
- free (salt);
As argv is kept during execution.
Regards, Alon
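An added example, not nettle's code and not part of the patch or of this thread, that reproduces the copy from the proposed hunk inside a guarded buffer so its effect can be measured, next to the copy strdup actually performs and the no-copy alternative Alon describes. The names patched_copy, correct_copy, salt_from_argv and the GUARD_BYTE sentinel are hypothetical, and the byte counts assume an LP64 target where sizeof(char *) is 8.

```c
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Sentinel written after the bytes the patch really allocates, so a write
 * past the allocation is counted instead of corrupting live heap data. */
#define GUARD_BYTE 0xA5

struct copy_report {
  size_t guard_clobbered; /* bytes written beyond strlen(arg) + 1 */
  int nul_terminated;     /* a NUL lies inside the allocated bytes */
  int matches;            /* the copy equals the original salt */
};

/* Reproduce the copy from the proposed patch.  The patch allocates
 * strlen(argv[0]) + 1 bytes and then calls
 *   strncpy(salt, argv[0], sizeof(salt) - 1);
 * where salt is a char *, so sizeof(salt) is the pointer size (8 on
 * LP64), unrelated to the allocation.  The allocation is placed inside
 * a larger guarded buffer here so the outcome can be inspected safely. */
struct copy_report patched_copy(const char *arg)
{
  struct copy_report r = {0, 0, 0};
  size_t alloc = strlen(arg) + 1;      /* what the patch allocates */
  size_t total = alloc + sizeof(char *); /* extra room to observe overflow */
  char *buf = malloc(total);
  if (!buf)
    return r;
  memset(buf, GUARD_BYTE, total);

  char *salt = buf;                    /* the patch's char *salt */
  size_t n = sizeof(salt) - 1;         /* the patch's length argument: 7 on LP64 */
  strncpy(salt, arg, n);               /* the patch's copy */

  for (size_t i = alloc; i < total; i++)
    if ((unsigned char)buf[i] != GUARD_BYTE)
      r.guard_clobbered++;             /* strncpy's NUL padding spilled past alloc */
  r.nul_terminated = memchr(salt, '\0', alloc) != NULL;
  r.matches = r.nul_terminated && strcmp(salt, arg) == 0;
  free(buf);
  return r;
}

/* What strdup does, spelled out: the length is the string's, not a pointer's. */
char *correct_copy(const char *arg)
{
  size_t len = strlen(arg) + 1;
  char *salt = malloc(len);
  if (!salt)
    return NULL;
  memcpy(salt, arg, len);
  return salt;
}

/* Alon's alternative: no copy at all.  argv stays valid for the whole run,
 * so the salt can point into it directly and must never be freed.  Assumes
 * argv has already been advanced past the options, as in the tool. */
const char *salt_from_argv(int argc, char **argv)
{
  return argc >= 1 ? argv[0] : NULL;
}

int main(int argc, char **argv)
{
  const char *arg = argc > 1 ? argv[1] : "salt"; /* "salt" as in the commit message */
  struct copy_report r = patched_copy(arg);
  printf("patched copy of \"%s\": %zu byte(s) written past the allocation, "
         "NUL-terminated: %d, matches: %d\n",
         arg, r.guard_clobbered, r.nul_terminated, r.matches);
  char *copy = correct_copy(arg);
  if (!copy)
    return EXIT_FAILURE;
  printf("correct copy matches: %d\n", strcmp(copy, arg) == 0);
  free(copy);
  return EXIT_SUCCESS;
}
```

With the four-byte salt from the commit message, the patched copy pads with NULs up to 7 bytes and writes two bytes past its 5-byte allocation; with a 15-byte salt it copies 7 bytes and never writes a terminator, so the later strlen-based salt_length reads whatever follows.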