From owner-freebsd-current@freebsd.org Sun Dec 29 00:27:12 2019 Return-Path: Delivered-To: freebsd-current@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 6DF0D1CCD2B for ; Sun, 29 Dec 2019 00:27:12 +0000 (UTC) (envelope-from sgk@troutmask.apl.washington.edu) Received: from troutmask.apl.washington.edu (troutmask.apl.washington.edu [128.95.76.21]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "troutmask", Issuer "troutmask" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 47lhG669qMz3Q3X for ; Sun, 29 Dec 2019 00:27:10 +0000 (UTC) (envelope-from sgk@troutmask.apl.washington.edu) Received: from troutmask.apl.washington.edu (localhost [127.0.0.1]) by troutmask.apl.washington.edu (8.15.2/8.15.2) with ESMTPS id xBT0R2VI068174 (version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384 bits=256 verify=NO); Sat, 28 Dec 2019 16:27:02 -0800 (PST) (envelope-from sgk@troutmask.apl.washington.edu) Received: (from sgk@localhost) by troutmask.apl.washington.edu (8.15.2/8.15.2/Submit) id xBT0R279068173; Sat, 28 Dec 2019 16:27:02 -0800 (PST) (envelope-from sgk) Date: Sat, 28 Dec 2019 16:27:02 -0800 From: Steve Kargl To: "Rodney W. Grimes" Cc: freebsd-current@freebsd.org Subject: Re: OpenSSL breaks factor(6) Message-ID: <20191229002702.GA68167@troutmask.apl.washington.edu> Reply-To: sgk@troutmask.apl.washington.edu References: <20191228035155.GA62416@troutmask.apl.washington.edu> <201912280442.xBS4grnp041518@gndrsh.dnsmgr.net> <20191228051533.GA62606@troutmask.apl.washington.edu> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20191228051533.GA62606@troutmask.apl.washington.edu> User-Agent: Mutt/1.12.2 (2019-09-21) X-Rspamd-Queue-Id: 47lhG669qMz3Q3X X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=fail reason="No valid SPF, No valid DKIM" header.from=washington.edu (policy=none); spf=none (mx1.freebsd.org: domain of sgk@troutmask.apl.washington.edu has no SPF policy when checking 128.95.76.21) smtp.mailfrom=sgk@troutmask.apl.washington.edu X-Spamd-Result: default: False [-2.23 / 15.00]; ARC_NA(0.00)[]; HAS_REPLYTO(0.00)[sgk@troutmask.apl.washington.edu]; DMARC_POLICY_SOFTFAIL(0.10)[washington.edu : No valid SPF, No valid DKIM,none]; NEURAL_HAM_MEDIUM(-1.00)[-0.999,0]; FROM_HAS_DN(0.00)[]; TO_DN_SOME(0.00)[]; IP_SCORE(-0.23)[ip: (0.05), ipnet: 128.95.0.0/16(-0.26), asn: 73(-0.91), country: US(-0.05)]; MIME_GOOD(-0.10)[text/plain]; REPLYTO_ADDR_EQ_FROM(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; TO_MATCH_ENVRCPT_SOME(0.00)[]; RCPT_COUNT_TWO(0.00)[2]; R_SPF_NA(0.00)[]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:73, ipnet:128.95.0.0/16, country:US]; MID_RHS_MATCH_FROM(0.00)[]; RCVD_TLS_ALL(0.00)[]; RCVD_COUNT_TWO(0.00)[2] X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 29 Dec 2019 00:27:12 -0000 On Fri, Dec 27, 2019 at 09:15:33PM -0800, Steve Kargl wrote: > On Fri, Dec 27, 2019 at 08:42:53PM -0800, Rodney W. Grimes wrote: > > > On Fri, Dec 27, 2019 at 07:00:04PM -0800, Rodney W. Grimes wrote: > > > > > On Fri, Dec 27, 2019 at 01:47:17PM -0800, Steve Kargl wrote: > > > > > > > > > > This patch now includes a fix for hexadecimal conversion. It > > > > > simple scans the string for a hex digit in [a,...,f] and assumes > > > > > that a hexadecimal string has been entered. A string that includes > > > > > character from the decimal digits is assumed to by a decimal > > > > > representation. > > > > > > > > It looks to me that the old code did the common method of > > > > try to convert as decimal, if that fails, try it as hex, > > > > if that fails report an error. > > > > > > > > Why is is that this common logic no longer works? > > > > > > AFAICT, BN_dec2bn and BN_hex2bn from OpenSSL scan from left > > > to right, does a conversion with what is possible, and reports > > > success. That is, for 1abc, BN_dec2bn can convert 1 to 1 and > > > reports success. The local implementations of these functions, > > > when OpenSSL is not used, does not do this partial conversion. > > > > I think I see now, the local implementaton checks for whole > > string conversion with a test for newline or null as the last > > byte converted by strtoul, the OpenSSL does not do this. > > > > My patch fixes that. The manpage documents that '1abcp' should > convert '1abc'. The 'p' simply terminates the conversion. The > local implementations actually flags an error. I suspect the > logic never worked as intended. The use of OpenSSL functions > in factor(6) was introduced in r104722 by fanf@. > > > So why ever use the, um, IMHO broken for this application, > > SSL versions of these functions? Or if we do need to use > > them for some reason apply the whole string conversion > > checks as wrappers around them? > > You'll need to ask fanf@, but I suspect the SSL version > was introduced to allow the factoring of integers that > exceed (uint64_t)(-1). > Updated patch with a svn log message. * usr.bin/factor/factor.6: . Document support for hexadecimal numbers. . Document termination conditions for interactive input. . Correct the maximum value for 'stop'. * usr.bin/factor/factor.c: . Include stdbool for bool type. . New function, contains_hex_alpha_digits(), checks whether an string of digits contains one of the alpha digits for hexadecimal representations (ie., abcdef). This function determines if decimal or hexadecimal conversion is required. . In the WITHOUT_OPENSSL case, make BN_dec2bn() and BN_hex2bn() conform to the documented termination conditions for parsing a string. * usr.bin/primes/primes.c: . Fix a comment, which has been wrong since 2014-09-27 (r272207). Index: usr.bin/factor/factor.6 =================================================================== --- usr.bin/factor/factor.6 (revision 355983) +++ usr.bin/factor/factor.6 (working copy) @@ -36,7 +36,7 @@ .\" .\" chongo /\oo/\ .\" -.Dd October 10, 2002 +.Dd December 27, 2019 .Dt FACTOR 6 .Os .Sh NAME @@ -67,11 +67,20 @@ .Nm is invoked with no arguments, .Nm -reads numbers, one per line, from standard input, until end of file or error. +reads numbers, one per line, from standard input until end of file or 0 +is entered or an error occurs. Leading white-space and empty lines are ignored. Numbers may be preceded by a single .Ql + . Numbers are terminated by a non-digit character (such as a newline). +Numbers can be either decimal or hexadecimal strings. +If the string contains only decimal digits, it is treated as a +decimal representation for a number. +A hexadecimal string should not contain a +.Em 0x +or +.Em 0X +prefix. After a number is read, it is factored. .Pp The @@ -89,7 +98,7 @@ value must not be greater than the maximum. The default and maximum value of .Ar stop -is 3825123056546413050. +is 18446744073709551615. .Pp When the .Nm primes Index: usr.bin/factor/factor.c =================================================================== --- usr.bin/factor/factor.c (revision 355983) +++ usr.bin/factor/factor.c (working copy) @@ -71,6 +71,7 @@ #include #include #include +#include #include #include #include @@ -104,6 +105,7 @@ #endif +static bool contains_hex_alpha_digits(char *str); static void BN_print_dec_fp(FILE *, const BIGNUM *); static void pr_fact(BIGNUM *); /* print factors of a value */ @@ -148,21 +150,25 @@ for (p = buf; isblank(*p); ++p); if (*p == '\n' || *p == '\0') continue; + if (*p == '+') p++; if (*p == '-') errx(1, "negative numbers aren't permitted."); - if (BN_dec2bn(&val, buf) == 0 && - BN_hex2bn(&val, buf) == 0) - errx(1, "%s: illegal numeric format.", buf); + ch = contains_hex_alpha_digits(p) ? + BN_hex2bn(&val, p) : BN_dec2bn(&val, p); + if (ch == 0) + errx(1, "%s: illegal numeric format.", p); pr_fact(val); } /* Factor the arguments. */ else - for (; *argv != NULL; ++argv) { - if (argv[0][0] == '-') + for (p = *argv; p != NULL; p = *++argv) { + if (*p == '+') p++; + if (*p == '-') errx(1, "negative numbers aren't permitted."); - if (BN_dec2bn(&val, argv[0]) == 0 && - BN_hex2bn(&val, argv[0]) == 0) - errx(1, "%s: illegal numeric format.", argv[0]); + ch = contains_hex_alpha_digits(p) ? + BN_hex2bn(&val, p) : BN_dec2bn(&val, p); + if (ch == 0) + errx(1, "%s: illegal numeric format.", p); pr_fact(val); } exit(0); @@ -346,7 +352,7 @@ errno = 0; **a = strtoul(str, &p, 10); - return (errno == 0 && (*p == '\n' || *p == '\0')); + return (errno == 0 ? 1 : 0); /* OpenSSL returns 0 on error! */ } static int @@ -356,7 +362,7 @@ errno = 0; **a = strtoul(str, &p, 16); - return (errno == 0 && (*p == '\n' || *p == '\0')); + return (errno == 0 ? 1 : 0); /* OpenSSL returns 0 on error! */ } static BN_ULONG @@ -370,3 +376,17 @@ } #endif + +/* Check if the string contains a hexadecimal digit. */ +static bool +contains_hex_alpha_digits(char *str) +{ + char c, *p; + + for (p = str; *p; p++) { + c = tolower(*p); + if (c >= 'a' && c <= 'f') + return true; + } + return false; +} Index: usr.bin/primes/primes.c =================================================================== --- usr.bin/primes/primes.c (revision 355983) +++ usr.bin/primes/primes.c (working copy) @@ -55,7 +55,7 @@ * primes [-h] [start [stop]] * * Print primes >= start and < stop. If stop is omitted, - * the value 4294967295 (2^32-1) is assumed. If start is + * the value 18446744073709551615 (2^64-1) is assumed. If start is * omitted, start is read from standard input. * * validation check: there are 664579 primes between 0 and 10^7 -- Steve