Bug #84505 for Crypt-Passwd-XS: global-buffer-overflow in cpx_crypt

RT for rt.cpan.org

This queue is for tickets about the Crypt-Passwd-XS CPAN distribution.

Report information

The Basics

Id:	84505
Status:	new
Priority:	0/
Queue:	Crypt-Passwd-XS

People

Owner:	Nobody in particular
Requestors:	RURBAN [...] cpan.org
Cc:
AdminCc:

Bug Information

Severity:	Normal
Broken in:	(no value)
Fixed in:	(no value)

History Show all quoted text

Mon Apr 08 14:58:49 2013 RURBAN [...] cpan.org - Ticket created

Subject:

global-buffer-overflow in cpx_crypt_des with undefined salt

case #64429 0.602: Fix global-buffer-overflow in des.c:681 cpx_crypt_des() with undefined salt may lead to reading from an uninitialized salt[1] character from the stask, which is unused, but leads to -faddress-sanitizer and valgrind warnings. Testcase 8 in t/02_des.t [ "test1234", undef, "" ] patch in our private repo. -- Reini Urban

Bug #84505 for Crypt-Passwd-XS: global-buffer-overflow in cpx_crypt_des with undefined salt