Re: crypt and null termination
From | Doug McNaught |
---|---|
Subject | Re: crypt and null termination |
Date | |
Msg-id | m3wv43peqa.fsf@belphigor.mcnaught.org |
In response to | crypt and null termination (Bruce Momjian <pgman@candle.pha.pa.us>) |
Responses | Re: crypt and null termination |
List | pgsql-hackers |
Bruce Momjian <pgman@candle.pha.pa.us> writes:

> Look at this from the BSD/OS crypt() manual page:
>
> The crypt function performs password encryption. It is derived from the
> NBS Data Encryption Standard. Additional code has been added to deter
> key search attempts. The first argument to crypt is a NUL-terminated
> string (normally a password typed by a user). The second is a character
> array, 9 bytes in length, consisting of an underscore (``_'') followed by
> 4 bytes of iteration count and 4 bytes of salt. Both the iteration count
> and the salt are encoded with 6 bits per character, least significant
> bits first. The values 0 to 63 are encoded by the characters
> ``./0-9A-Za-z'', respectively.
>
> ...
>
> For compatibility with historical versions of crypt(3), the setting may
> consist of 2 bytes of salt, encoded as above, in which case an iteration
> count of 25 is used, fewer perturbations of DES are available, at most 8
> characters of key are used, and the returned value is a NUL-terminated
> string 13 bytes in length.
>
> It seems to say that the salt passed to crypt should be null-terminated, but
> we call crypt from libpq as:
>
> crypt_pwd = crypt(password, conn->salt);
>
> and conn.salt is char[2]. Isn't this a problem?

I don't think it is. Note that it refers to the salt as a "character
array", not a string. Also, since '_' isn't in the allowed encoding
set, it can tell the difference between a 9-byte salt and a 2-byte
salt without a terminating NUL.

-Doug
--
Free Dmitry Sklyarov!
http://www.freesklyarov.org/

We will return to our regularly scheduled signature shortly.
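The setting format quoted from the manual page can be parsed from a fixed-size array without ever looking for a terminator, as this added example shows; it is not part of the original message and is not the BSD/OS crypt() source. The names `parse_setting`, `decode6` and `struct setting` are hypothetical, and "least significant bits first" is read here as the first character carrying the low 6 bits.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Alphabet from the manual page: values 0..63 map to "./0-9A-Za-z". */
static const char ALPHABET[] =
    "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";

struct setting {            /* hypothetical result type for this example */
    int      extended;      /* 1 = 9-byte "_" form, 0 = 2-byte historical form */
    uint32_t count;         /* DES iteration count */
    uint32_t salt;          /* 24-bit (extended) or 12-bit (historical) salt */
};

/* Decode n characters, 6 bits each, low bits first. Returns -1 on a bad character. */
static int decode6(const char *p, size_t n, uint32_t *out)
{
    uint32_t v = 0;
    for (size_t i = 0; i < n; i++) {
        /* strchr would match the alphabet's own terminator, so reject NUL first */
        const char *hit = p[i] ? strchr(ALPHABET, p[i]) : NULL;
        if (hit == NULL)
            return -1;
        v |= (uint32_t)(hit - ALPHABET) << (6 * i);
    }
    *out = v;
    return 0;
}

/* Parse a setting held in a char array of len bytes with no terminator.
 * The first byte alone selects the form, so exactly 2 or 9 bytes are read. */
int parse_setting(const char *buf, size_t len, struct setting *s)
{
    if (len >= 9 && buf[0] == '_') {
        s->extended = 1;
        if (decode6(buf + 1, 4, &s->count) || decode6(buf + 5, 4, &s->salt))
            return -1;
        return 0;
    }
    if (len >= 2 && buf[0] != '_') {
        s->extended = 0;
        s->count = 25;      /* fixed count for the historical form, per the manual page */
        return decode6(buf, 2, &s->salt);
    }
    return -1;              /* too short, or '_' without the full 9 bytes */
}
```

A caller that owns a `char[2]` salt passes `len` as 2, so the parser's reads stay inside the array whatever byte follows it in memory.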