[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#7490) Security weakness in sha2 password module



--On Friday, January 11, 2013 6:19 AM +0000 mhardin@symas.com wrote:

> Full_Name: Matthew Hardin
> Version: 2.4.33+
> OS: All
> URL: ftp://ftp.openldap.org/incoming/sha2.c-diff.txt
> Submission from: (NULL) (69.43.206.100)
>
>
> contrib/slapd-modules/passwd/sha2/sha2.c uses a series of context buffers
> and zeros them out in several places using the following macro:
>
> MEMSET_BZERO(context, sizeof(context))
>
> The variable 'context' is a pointer to a context buffer, so sizeof will
> evaluate to the size of a pointer for the particular platform. As a
> result, the context buffer is only partially zeroed.
>
> The correct invocation is:
>
> MEMSET_BZERO(context, sizeof(*context))
>
> which will zero out the complete context buffer.
>
> The referenced diff details the changes to sha2.c that are necessary to
> correct this issue.
>
> Note this also cleans up warnings reported by MacOS's clang compiler.
>
> I, Matthew Hardin, hereby place the following modifications to OpenLDAP
> Software (and only these modifications) into the public domain. Hence,
> these modifications may be freely used and/or redistributed for any
> purpose with or without attribution and/or other notice.

Can you resubmit the patch using git-format-patch?  Or at least using 
unified diff format? ;)

--Quanah

--

Quanah Gibson-Mount
Sr. Member of Technical Staff
Zimbra, Inc
A Division of VMware, Inc.
--------------------
Zimbra ::  the leader in open source messaging and collaboration