Received: with ECARTIS (v1.0.0; list netdev); Sat, 17 Jul 2004 02:48:48 -0700 (PDT) Received: from arnor.apana.org.au (mail@arnor.apana.org.au [203.14.152.115]) by oss.sgi.com (8.13.0/8.13.0) with ESMTP id i6H9mcUS020808 for ; Sat, 17 Jul 2004 02:48:40 -0700 Received: from gondolin.me.apana.org.au ([192.168.0.6] ident=mail) by arnor.apana.org.au with esmtp (Exim 3.35 #1 (Debian)) id 1Bllnz-0007zU-00; Sat, 17 Jul 2004 19:48:31 +1000 Received: from herbert by gondolin.me.apana.org.au with local (Exim 3.36 #1 (Debian)) id 1Bllnx-00059S-00; Sat, 17 Jul 2004 19:48:29 +1000 Date: Sat, 17 Jul 2004 19:48:29 +1000 To: James Morris Cc: "David S. Miller" , netdev@oss.sgi.com Subject: Re: [CRYPTO] Fix stack overrun in crypt() Message-ID: <20040717094829.GA19791@gondor.apana.org.au> References: <20040715114840.GA1325@gondor.apana.org.au> <20040717074319.GA18919@gondor.apana.org.au> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20040717074319.GA18919@gondor.apana.org.au> User-Agent: Mutt/1.5.6+20040523i From: Herbert Xu X-archive-position: 7025 X-ecartis-version: Ecartis v1.0.0 Sender: netdev-bounce@oss.sgi.com Errors-to: netdev-bounce@oss.sgi.com X-original-sender: herbert@gondor.apana.org.au Precedence: bulk X-list: netdev On Sat, Jul 17, 2004 at 05:43:19PM +1000, herbert wrote: > > Unfortunately it looks like we still have a problem. gcc 3.3.4 appears > to be generating incorrect output on i386 with the dynamic stack > allocation used in crypt() and the functions around it. > > In particular, it can give you 8 bytes when you ask for 16 bytes. > See my report at http://bugs.debian.org/259887 for details. I got it wrong. gcc is simply allocating some (12 bytes) of the space unconditionally. Sorry for the noise. -- Visit Openswan at http://www.openswan.org/ Email: Herbert Xu ~{PmV>HI~} Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt