From owner-freebsd-bugs@FreeBSD.ORG Fri Sep 5 23:18:00 2014 Return-Path: Delivered-To: freebsd-bugs@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 8BEAFFB7 for ; Fri, 5 Sep 2014 23:18:00 +0000 (UTC) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 72DDD1D24 for ; Fri, 5 Sep 2014 23:18:00 +0000 (UTC) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.14.9/8.14.9) with ESMTP id s85NI0Fw097806 for ; Fri, 5 Sep 2014 23:18:00 GMT (envelope-from bugzilla-noreply@freebsd.org) From: bugzilla-noreply@freebsd.org To: freebsd-bugs@FreeBSD.org Subject: [Bug 193355] New: OPIE may not generate passwds from the dictionary correctly Date: Fri, 05 Sep 2014 23:18:00 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: new X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: bin X-Bugzilla-Version: 10.0-RELEASE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Many People X-Bugzilla-Who: dan.turner@york.ac.uk X-Bugzilla-Status: Needs Triage X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: freebsd-bugs@FreeBSD.org X-Bugzilla-Target-Milestone: --- X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: bug_id short_desc product version rep_platform op_sys bug_status bug_severity priority component assigned_to reporter Message-ID: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: 7bit X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-bugs@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: Bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 05 Sep 2014 23:18:00 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=193355 Bug ID: 193355 Summary: OPIE may not generate passwds from the dictionary correctly Product: Base System Version: 10.0-RELEASE Hardware: Any OS: Any Status: Needs Triage Severity: Affects Many People Priority: --- Component: bin Assignee: freebsd-bugs@FreeBSD.org Reporter: dan.turner@york.ac.uk contrib/opie/libopie/btoe.c contains a dictionary, Wp. Wp is _not_ sorted lexicographically. for instance, "YOU" is immediately before "ABED", line . The function wsrch (impl. starts at line 2203) implements a binary search over Wp, using strncmp as the comparison method. The call strncmp uses lexicographic ordering, in which "ABED" is considered to be less than "YOU". Unfortunately, this dictionary is from RFC 2289 & RFC 1760, and is specified in this order. As such, I don't know how modifying this dictionary order (or the search order) would behave in relation to these standards. I cannot spot any location where Wp is being sorted prior to being used, but I also have not produced proof-of-concept that fails or returns the wrong value, this code looks suspicious to me though, as I think the pre-conditions of the binary search are being violated. -- You are receiving this mail because: You are the assignee for the bug.