Thread: Re: Modern SHA2- based password hashes for pgcrypto

Re: Modern SHA2- based password hashes for pgcrypto

From
Japin Li
Date:
04 January, 06:19:49
On Fri, 03 Jan 2025 at 17:55, Bernd Helmle <mailings@oopsware.de> wrote:
> Am Freitag, dem 03.01.2025 um 23:57 +0800 schrieb Japin Li:
>>
>> Greate!  I have some questions after using it.
>>
>> When I use the following query, it crashed!
>>
>> [local]:4012204 postgres=# select crypt('hello',
>> '$5$$6$rounds=10000$/Zg436s2vmTwsoSz');
>> server closed the connection unexpectedly
>>         This probably means the server terminated abnormally
>>         before or while processing the request.
>> The connection to the server was lost. Attempting reset: Failed.
>> The connection to the server was lost. Attempting reset: Failed.
>> : !?>
>>
>> It is caused by checking the shacrypt digest.  The following can fix
>> this crash,
>> but I'm unsure if it is correct.
>>
>
> Hmm, can you provide a backtrace? I am currently debugging the CI
> results and i currently have a thinko in my code at crypt-sha.c:530, i
> am using the wrong length to copy the result buffer, see
>
Here is the backtrace.

(gdb) bt
#0  __pthread_kill_implementation (no_tid=0, signo=6, threadid=<optimized out>) at ./nptl/pthread_kill.c:44
#1  __pthread_kill_internal (signo=6, threadid=<optimized out>) at ./nptl/pthread_kill.c:78
#2  __GI___pthread_kill (threadid=<optimized out>, signo=signo@entry=6) at ./nptl/pthread_kill.c:89
#3  0x00007ba852a4526e in __GI_raise (sig=sig@entry=6) at ../sysdeps/posix/raise.c:26
#4  0x00007ba852a288ff in __GI_abort () at ./stdlib/abort.c:79
#5  0x00007ba852a297b6 in __libc_message_impl (fmt=fmt@entry=0x7ba852bce765 "*** %s ***: terminated\n") at
../sysdeps/posix/libc_fatal.c:132
#6  0x00007ba852b36c19 in __GI___fortify_fail (msg=msg@entry=0x7ba852bce77d "stack smashing detected") at
./debug/fortify_fail.c:24
#7  0x00007ba852b37ea4 in __stack_chk_fail () at ./debug/stack_chk_fail.c:24
#8  0x00007ba853d8cb2e in px_crypt_shacrypt (pw=0x64e191229370 "hello", salt=0x64e191229388
"$5$$6$rounds=10000$/Zg436s2vmTwsoSz",passwd=0x64e1912293d8
"$6$rounds=10000$/Zg436s2vmTwsoSz$TTCnOO7S5pkJHBVJ.oL74WN1Yt0n1RfQOWd60CRb4xtd9q7ChipyZ00jwYZfhDGRRJOoJNOgYKAVGpdmA8qhT1",
dstlen=128)at /data/Codes/pg/master/build/../contrib/pgcrypto/crypt-sha.c:546 
#9  0x00007ba853d9d9f8 in run_crypt_sha (psw=<error reading variable: Cannot access memory at address
0x31546871384155>,salt=<error reading variable: Cannot access memory at address 0x3154687138414d>, buf=<error reading
variable:Cannot access memory at address 0x31546871384145>, len=<error reading variable: Cannot access memory at
address0x31546871384141>) at /data/Codes/pg/master/build/../contrib/pgcrypto/px-crypt.c:76 
Backtrace stopped: Cannot access memory at address 0x31546871384175

--
Regrads,
Japin Li