Re: Modern SHA2- based password hashes for pgcrypto

On Fri, 03 Jan 2025 at 17:55, Bernd Helmle <mailings(at)oopsware(dot)de> wrote:
> Am Freitag, dem 03.01.2025 um 23:57 +0800 schrieb Japin Li:
>>
>> Greate!  I have some questions after using it.
>>
>> When I use the following query, it crashed!
>>
>> [local]:4012204 postgres=# select crypt('hello',
>> '$5$$6$rounds=10000$/Zg436s2vmTwsoSz');
>> server closed the connection unexpectedly
>>         This probably means the server terminated abnormally
>>         before or while processing the request.
>> The connection to the server was lost. Attempting reset: Failed.
>> The connection to the server was lost. Attempting reset: Failed.
>> : !?>
>>
>> It is caused by checking the shacrypt digest.  The following can fix
>> this crash,
>> but I'm unsure if it is correct.
>>
>
> Hmm, can you provide a backtrace? I am currently debugging the CI
> results and i currently have a thinko in my code at crypt-sha.c:530, i
> am using the wrong length to copy the result buffer, see
>
Here is the backtrace.

(gdb) bt
#0 __pthread_kill_implementation (no_tid=0, signo=6, threadid=<optimized out>) at ./nptl/pthread_kill.c:44
#1 __pthread_kill_internal (signo=6, threadid=<optimized out>) at ./nptl/pthread_kill.c:78
#2 __GI___pthread_kill (threadid=<optimized out>, signo=signo(at)entry=6) at ./nptl/pthread_kill.c:89
#3 0x00007ba852a4526e in __GI_raise (sig=sig(at)entry=6) at ../sysdeps/posix/raise.c:26
#4 0x00007ba852a288ff in __GI_abort () at ./stdlib/abort.c:79
#5 0x00007ba852a297b6 in __libc_message_impl (fmt=fmt(at)entry=0x7ba852bce765 "*** %s ***: terminated\n") at ../sysdeps/posix/libc_fatal.c:132
#6 0x00007ba852b36c19 in __GI___fortify_fail (msg=msg(at)entry=0x7ba852bce77d "stack smashing detected") at ./debug/fortify_fail.c:24
#7 0x00007ba852b37ea4 in __stack_chk_fail () at ./debug/stack_chk_fail.c:24
#8 0x00007ba853d8cb2e in px_crypt_shacrypt (pw=0x64e191229370 "hello", salt=0x64e191229388 "$5$$6$rounds=10000$/Zg436s2vmTwsoSz", passwd=0x64e1912293d8 "$6$rounds=10000$/Zg436s2vmTwsoSz$TTCnOO7S5pkJHBVJ.oL74WN1Yt0n1RfQOWd60CRb4xtd9q7ChipyZ00jwYZfhDGRRJOoJNOgYKAVGpdmA8qhT1", dstlen=128) at /data/Codes/pg/master/build/../contrib/pgcrypto/crypt-sha.c:546
#9 0x00007ba853d9d9f8 in run_crypt_sha (psw=<error reading variable: Cannot access memory at address 0x31546871384155>, salt=<error reading variable: Cannot access memory at address 0x3154687138414d>, buf=<error reading variable: Cannot access memory at address 0x31546871384145>, len=<error reading variable: Cannot access memory at address 0x31546871384141>) at /data/Codes/pg/master/build/../contrib/pgcrypto/px-crypt.c:76
Backtrace stopped: Cannot access memory at address 0x31546871384175

--
Regrads,
Japin Li