Debian Bug report logs - #623220
php5: crypt() function with empty salt returns empty string

Package: php5; Maintainer for php5 is (unknown);

Reported by: Michael Neubert <debian@michael-neubert.de>

Date: Mon, 18 Apr 2011 13:24:05 UTC

Severity: minor

Tags: security, squeeze

Merged with 581170

Found in version php5/5.3.3-7+squeeze1

Fixed in version 5.3.3-7+squeeze4

Done: "Thijs Kinkhorst" <thijs@debian.org>

Bug is archived. No further changes may be made.


Report forwarded to debian-bugs-dist@lists.debian.org, Debian PHP Maintainers <pkg-php-maint@lists.alioth.debian.org>:
Bug#623220; Package php5. (Mon, 18 Apr 2011 13:24:08 GMT).


Acknowledgement sent to Michael Neubert <debian@michael-neubert.de>:
New Bug report received and forwarded. Copy sent to Debian PHP Maintainers <pkg-php-maint@lists.alioth.debian.org>. (Mon, 18 Apr 2011 13:24:09 GMT).


Message #5 received at submit@bugs.debian.org:

From: Michael Neubert <debian@michael-neubert.de>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: php5: crypt() function with empty salt returns empty string
Date: Mon, 18 Apr 2011 15:04:36 +0200
Package: php5
Version: 5.3.3-7+squeeze1
Severity: normal


Since Debian Squeeze the behaviour of the crypt() function changed.
With an empty second argument (salt), the result is always an empty string
instead of a hash string (see documentation for the crypt() function).

$ php -r 'var_dump(crypt("",""));'
string(0) ""

$ php -r 'var_dump(crypt("test",""));'
string(0) ""

-- System Information:
Debian Release: 6.0.1
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.32-5-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages php5 depends on:
ii  libapache2-mod-php5     5.3.3-7+squeeze1 server-side, HTML-embedded scripti
ii  php5-common             5.3.3-7+squeeze1 Common files for packages built fr

php5 recommends no packages.

php5 suggests no packages.

-- no debconf information




Information forwarded to debian-bugs-dist@lists.debian.org, Debian PHP Maintainers <pkg-php-maint@lists.alioth.debian.org>:
Bug#623220; Package php5. (Mon, 18 Apr 2011 14:27:04 GMT).


Acknowledgement sent to Ondřej Surý <ondrej@debian.org>:
Extra info received and forwarded to list. Copy sent to Debian PHP Maintainers <pkg-php-maint@lists.alioth.debian.org>. (Mon, 18 Apr 2011 14:27:04 GMT).


Message #10 received at 623220@bugs.debian.org:

From: Ondřej Surý <ondrej@debian.org>
To: Michael Neubert <debian@michael-neubert.de>, 623220@bugs.debian.org
Cc: control <control@bugs.debian.org>
Subject: Re: [php-maint] Bug#623220: php5: crypt() function with empty salt returns empty string
Date: Mon, 18 Apr 2011 16:25:04 +0200

forcemerge 581170 623220
found 581170 5.3.3-7+squeeze1
tag 581170 +squeeze
thank you

On Mon, Apr 18, 2011 at 15:04, Michael Neubert
<debian@michael-neubert.de> wrote:
> Package: php5
> Version: 5.3.3-7+squeeze1
> Severity: normal
>
>
> Since Debian Squeeze the behaviour of the crypt() function changed.
> With an empty second argument (salt), the result is always an empty string
> instead of a hash string (see documentation for the crypt() function).

The documentation says:

> "An optional salt string to base the hashing on. If not provided, the behaviour is defined by the algorithm implementation and can lead to unexpected results. "

There is nothing wrong about returning empty string (aka unexpected
result) - which hashing do you want anyway?

However this has been fixed in the current unstable + testing by
generating SHA512 salt+hash, but I don't think the bug is serious
enough to include a fix for this in the stable updates, since the
function behaves according to the documentation.

I am merging this bug and marking it as affecting the squeeze release.

O.
-- 
Ondřej Surý <ondrej@sury.org>
http://blog.rfc1925.org/




Forcibly Merged 581170 623220. Request was from Ondřej Surý <ondrej@sury.org> to control@bugs.debian.org. (Mon, 18 Apr 2011 14:33:07 GMT).


Bug Marked as fixed in versions php5/5.3.6-1. Request was from Ondřej Surý <ondrej@sury.org> to control@bugs.debian.org. (Mon, 18 Apr 2011 14:39:12 GMT).


Information forwarded to debian-bugs-dist@lists.debian.org, Debian PHP Maintainers <pkg-php-maint@lists.alioth.debian.org>:
Bug#623220; Package php5. (Mon, 18 Apr 2011 19:03:03 GMT).


Acknowledgement sent to debian@michael-neubert.de:
Extra info received and forwarded to list. Copy sent to Debian PHP Maintainers <pkg-php-maint@lists.alioth.debian.org>. (Mon, 18 Apr 2011 19:03:03 GMT).


Message #19 received at 623220@bugs.debian.org:

From: Michael Neubert <debian@michael-neubert.de>
To: 623220@bugs.debian.org
Subject: Re: [php-maint] Bug#623220: php5: crypt() function with empty salt, returns empty string
Date: Mon, 18 Apr 2011 20:32:48 +0200

>  The documentation says: "An optional salt string to base the hashing on. If not provided, the behaviour is defined by the algorithm implementation and can lead to unexpected results."

Ok I only read the German manual. Here the documentation differs and no hint is given for "unexpected results".
But even with this hidden hint in the English documentation I cannot agree to your argumentation. I set the salt as an empty string,
so I provided the second argument, even if it was empty. And what I got was no hashed string. It was an empty string.

So I expected as result always a hash string, whether or not there is an empty salt-string. And under Debian lenny there was always a non-empty hash-string, even if the salt-string or both arguments were empty.

Example in Lenny:
$ php -r 'var_dump(crypt("",""));'
string(34) "$1$S5KCztpy$mu6mdwHz0weoCkGKGqX2s0"

Example in Squeeze:
$ php -r 'var_dump(crypt("",""));'
string(0) ""

Maybe you say, this is no critical behaviour. But I just migrated some servers from Lenny to Squeeze and one website
on these servers got involved by this phenomenon (login script, that did no check for empty strings, because it thought, it
gets always hash strings as results ->  worst case occurred ->  login without valid password).

So in my opinion it could be advisable to bring the patch also for the current stable Squeeze release, because other
web2.0 websites with login could probably be affected / vulnerable in the same way leading to a significant
risk concerning privacy for the users of those websites.





Information forwarded to debian-bugs-dist@lists.debian.org, Debian PHP Maintainers <pkg-php-maint@lists.alioth.debian.org>:
Bug#623220; Package php5. (Tue, 19 Apr 2011 06:09:03 GMT).


Acknowledgement sent to Ondřej Surý <ondrej@debian.org>:
Extra info received and forwarded to list. Copy sent to Debian PHP Maintainers <pkg-php-maint@lists.alioth.debian.org>. (Tue, 19 Apr 2011 06:09:03 GMT).


Message #24 received at 623220@bugs.debian.org:

From: Ondřej Surý <ondrej@debian.org>
To: debian@michael-neubert.de, 623220@bugs.debian.org, Raphael Geissert <geissert@debian.org>
Subject: Re: [php-maint] Bug#623220: Bug#623220: php5: crypt() function with empty salt, returns empty string
Date: Tue, 19 Apr 2011 08:04:40 +0200

Hi Michael,

On Mon, Apr 18, 2011 at 20:32, Michael Neubert
<debian@michael-neubert.de> wrote:
>>  The documentation says: "An optional salt string to base the hashing on.
>> If not provided, the behaviour is defined by the algorithm implementation
>> and can lead to unexpected results."
>
> Ok I only read the German manual. Here the documentation differs and no hint
> is given for "unexpected results".

You should probably file a documentation bug at bugs.php.net.

> But even with this hidden hint in the English documentation I cannot agree
> to your argumentation. I set the salt as an empty string,
> so I provided the second argument, even if it was empty. And what I got was
> no hashed string. It was an empty string.
>
> So I expected as result always a hash string, whether or not there is an
> empty salt-string. And under Debian lenny there was always a non-empty
> hash-string, even if the salt-string or both arguments were empty.
>
> Example in Lenny:
> $ php -r 'var_dump(crypt("",""));'
> string(34) "$1$S5KCztpy$mu6mdwHz0weoCkGKGqX2s0"
>
> Example in Squeeze:
> $ php -r 'var_dump(crypt("",""));'
> string(0) ""
>
> Maybe you say, this is no critical behaviour. But I just migrated some
> servers from Lenny to Squeeze and one website
> on these servers got involved by this phenomenon (login script, that did no
> check for empty strings, because it thought, it
> gets always hash strings as results ->  worst case occurred ->  login without
> valid password).
>
> So in my opinion it could be advisable to bring the patch also for the
> current stable Squeeze release, because other
> web2.0 websites with login could probably be affected / vulnerable in the
> same way leading to a significant
> risk concerning privacy for the users of those websites.

Even though I think that it's the application which needs fixing and
the implementation follows system crypt (which will return empty
string in case you provide the empty salt), you have convinced me that
it's worth fixing in squeeze.

Raphael, could you please cherry-pick 58f8b27 to debian-squeeze and
include it in next batch of security updates?

O.
-- 
Ondřej Surý <ondrej@sury.org>
http://blog.rfc1925.org/
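
Added example, not part of the original bug log and not code from PHP or the Debian package: a password check that fails closed when the hash function returns an empty string, as discussed in the two messages above. The names verify_password, $squeeze_crypt and $unchecked are hypothetical, the empty-salt behaviour is simulated with a stand-in closure, and all sample data is constructed.

```php
<?php
// Added example; function and variable names are hypothetical.

// Verify a password against a stored crypt()-style hash and fail closed.
// $hasher is injectable only so the reported behaviour can be simulated.
function verify_password(string $password, string $stored, ?callable $hasher = null): bool
{
    $hasher = $hasher ?? 'crypt';

    // Shortest crypt() output is the 13-character DES form; an empty or
    // shorter stored value, or a failure token ("*0"/"*1"), is not a hash.
    if (strlen($stored) < 13 || $stored[0] === '*') {
        return false;
    }

    $computed = $hasher($password, $stored);

    // Never compare when the hash function did not return a usable hash.
    if (!is_string($computed) || strlen($computed) < 13 || $computed[0] === '*') {
        return false;
    }

    // Constant-time comparison (hash_equals() needs PHP >= 5.6).
    return hash_equals($stored, $computed);
}

// Constructed stand-in for the Squeeze behaviour in this report:
// an empty salt yields "" instead of a hash.
$squeeze_crypt = function (string $pw, string $salt): string {
    return $salt === '' ? '' : crypt($pw, $salt);
};

// Assumed shape of the unchecked comparison the report describes.
$unchecked = function (string $pw, string $stored) use ($squeeze_crypt): bool {
    return $squeeze_crypt($pw, $stored) == $stored;
};

// Constructed sample data: one row with no hash set, one valid SHA-512 hash.
$no_hash = '';
$valid   = crypt('correct horse', '$6$rounds=5000$constructedsalt$');

var_dump($unchecked('anything', $no_hash));
var_dump(verify_password('anything', $no_hash, $squeeze_crypt));
var_dump(verify_password('correct horse', $valid, $squeeze_crypt));
var_dump(verify_password('wrong guess', $valid, $squeeze_crypt));
```

The unchecked comparison accepts the row that has no hash, while verify_password() rejects it and accepts only the correct password for the valid hash.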




Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Tue, 17 May 2011 07:40:03 GMT).


Bug unarchived. Request was from Ondřej Surý <ondrej@debian.org> to control@bugs.debian.org. (Mon, 04 Jul 2011 06:30:03 GMT).


Bug No longer marked as fixed in versions php5/5.3.6-1 and reopened. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Mon, 04 Jul 2011 06:30:04 GMT).


Added tag(s) security. Request was from Ondřej Surý <ondrej@debian.org> to control@bugs.debian.org. (Mon, 04 Jul 2011 06:30:05 GMT).


Information forwarded to debian-bugs-dist@lists.debian.org, Debian PHP Maintainers <pkg-php-maint@lists.alioth.debian.org>:
Bug#623220; Package php5. (Mon, 18 Jul 2011 21:09:03 GMT).


Acknowledgement sent to Ondřej Surý <ondrej@sury.org>:
Extra info received and forwarded to list. Copy sent to Debian PHP Maintainers <pkg-php-maint@lists.alioth.debian.org>. (Mon, 18 Jul 2011 21:09:05 GMT).


Message #37 received at 623220@bugs.debian.org:

From: Ondřej Surý <ondrej@sury.org>
To: 623220@bugs.debian.org
Cc: ,control@bugs.debian.org
Subject: [debian/debian-squeeze] Fix regression when the salt is empty (Closes: #623220)
Date: Mon, 18 Jul 2011 21:07:01 +0000

tag 623220 pending
thanks

Date: Mon Jul 4 08:29:42 2011 +0200
Author: Ondřej Surý <ondrej@sury.org>
Commit ID: 3e0749edcf32aa62f704d7392ab394a83d4643f7
Commit URL: http://git.debian.org/?p=pkg-php/php.git;a=commitdiff;h=3e0749edcf32aa62f704d7392ab394a83d4643f7
Patch URL: http://git.debian.org/?p=pkg-php/php.git;a=commitdiff_plain;h=3e0749edcf32aa62f704d7392ab394a83d4643f7

    Fix regression when the salt is empty (Closes: #623220)

      




Added tag(s) pending. Request was from Ondřej Surý <ondrej@sury.org> to control@bugs.debian.org. (Mon, 18 Jul 2011 21:09:45 GMT).


Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Fri, 02 Mar 2012 07:34:30 GMT).


Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Sun Jul 2 01:08:12 2023; Machine Name: bembo
