glibc

Dangerous optimization (a vulnerability)

V597 The compiler could delete the ‘memset’ function call, which is used to flush ‘temp_result’ buffer. The RtlSecureZeroMemory() function should be used to erase the private data. sha256-crypt.c 385

char *
__sha256_crypt_r (key, salt, buffer, buflen)
     const char *key;
     const char *salt;
     char *buffer;
     int buflen;
{
  ....
  unsigned char temp_result[32]
  ....
  memset (temp_result, '\0', sizeof (temp_result));
  ....
  .... // temp_result not used further on
}

The compiler is allowed to remove the call of the memset() function when compiling the Release version. Well, it is actually obliged to do so for the sake of optimization. Since the ‘temp_result’ buffer is not used anywhere after calling the memset() function, the function call itself is not needed too.

This is a vulnerability because the private data will not be erased. The memset() function should be replaced with a more appropriate one. The analyzer suggests RtlSecureZeroMemory(), which is absent in Linux of course. But there are other alternatives.

Please click here to see more bugs from this project.

Leave a Reply Cancel reply

Enter your comment here...

Fill in your details below or click an icon to log in:

Email (required) (Address never made public)

Name (required)

Website

You are commenting using your WordPress.com account. ( Log Out / Change )

You are commenting using your Google+ account. ( Log Out / Change )

You are commenting using your Twitter account. ( Log Out / Change )

You are commenting using your Facebook account. ( Log Out / Change )

Cancel

Connecting to %s

How Not To Code

C++/C# bad practices: learn how to make a good code by bad example

glibc

Leave a Reply Cancel reply

Share with:

Like this:

Related

Leave a Reply Cancel reply