oss-sec mailing list archives
Re: CVE request: crypt_blowfish 8-bit character mishandling
From: Djalal Harouni <tixxdz () opendz org>
Date: Fri, 24 Jun 2011 14:05:17 +0100
On Mon, Jun 20, 2011 at 09:01:11AM +0400, Solar Designer wrote:
Oh, also some builds of crypt_blowfish (and of affected systems/apps) for PowerPC are probably unaffected, because char is typically unsigned there (unless overridden in compiler flags for compatibility with more typical systems).
Just to add that on some (perhaps all) ARM plateforms char is by default: "unsigned" (unless you compile with -fsigned-char as you have noted). This is an old link that expose some problems when you just use 'char var' on ARM (perhaps not only on ARM): http://www.arm.linux.org.uk/docs/faqs/signedchar.php -- tixxdz http://opendz.org
Current thread:
- Re: CVE request: crypt_blowfish 8-bit character mishandling, (continued)
- Re: CVE request: crypt_blowfish 8-bit character mishandling Michael Matz (Jun 28)
- Re: CVE request: crypt_blowfish 8-bit character mishandling Solar Designer (Jun 29)
- Re: CVE request: crypt_blowfish 8-bit character mishandling Solar Designer (Jun 27)
- Re: CVE request: crypt_blowfish 8-bit character mishandling Vincent Danen (Jun 21)
- Re: CVE request: crypt_blowfish 8-bit character mishandling Solar Designer (Jun 21)
- Re: CVE request: crypt_blowfish 8-bit character mishandling Vincent Danen (Jun 21)
- Re: CVE request: crypt_blowfish 8-bit character mishandling Solar Designer (Jun 21)
- Re: CVE request: crypt_blowfish 8-bit character mishandling Vincent Danen (Jun 21)
- Re: CVE request: crypt_blowfish 8-bit character mishandling Solar Designer (Jun 21)
- Re: CVE request: crypt_blowfish 8-bit character mishandling Vincent Danen (Jun 21)
- Re: CVE request: crypt_blowfish 8-bit character mishandling Solar Designer (Jun 21)