From: Rafał Buczko [mailto:rafal.buczk...@gmail.com] Sent: Monday, February 22, 2016 8:45 PM To: openssl-secur...@openssl.org Subject: [openssl-security] SEGV Fault in the DES_fcrypt
Hi :), There is a segmentation fault, in function DES_fcrypt (file: openssl/fcrypt.c:120) x = ret[0] = ((salt[0] == '\0') ? 'A' : salt[0]); Eswap0 = con_salt[x] << 2; x = ret[1] = ((salt[1] == '\0') ? 'A' : salt[1]); Eswap1 = con_salt[x] << 6; , which happens to happend when salt input string contains some unusual chars like Ý, © ... (char values from 128 to 255) OS: Ubuntu 15.10 x86_64 Code: #include <openssl/des.h> int main() { char ret_buff[14]; //char *DES_fcrypt(const char *buf, const char *salt, char *ret) DES_fcrypt("bca76;23", "ÝÝ", ret_buff); return 0; } This is my first report, so please be understanding about any incomprehension. Best Regards Rafal :). -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4337 Please log in as guest with password guest if prompted -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev