ford@kenobi.UUCP (Mike Ditto) (03/31/88)
There is a bug in the crypt(3C) library function in most System V libraries, including the Unix PC Development Set, which completely prevents proper encryption/decryption of data. Enclosed is a binary patch for the Unix PC (7300/3b1) that will fix the bug. The routines affected are setkey() and encrypt(). See comp.bugs.sys5 for a description of the bug and the fix and a test program to verify that the setkey/encrypt routines work correctly. I could have just as easily posted just the new crypt.o, but to avoid any legal problems I made it so that you have to have the old broken crypt.o in order to get the new one. The bug was found and fixed by myself and Keith Gabryelski (ag@portnoy.CTS.COM) using only our bare hands and adb (Well, with some help from M-x compare-windows, etc.). -=] Ford [=- "Once there were parking lots, (In Real Life: Mike Ditto) now it's a peaceful oasis. ford%kenobi@crash.CTS.COM This was a Pizza Hut, ...!sdcsvax!crash!kenobi!ford now it's all covered with daisies." -- Talking Heads #! /bin/sh # This is a shell archive, meaning: # 1. Remove everything above the #! /bin/sh line. # 2. Save the resulting text in a file. # 3. Execute the file with /bin/sh (not csh) to create the files: # ORIGcrypt.o (A copy of the old (broken) crypt.o) # NEWcrypt.o (A copy of the new (fixed) crypt.o) # The new crypt.o will also be installed in /lib/libc.a # # This archive created: Wed Mar 30 23:13:47 1988 export PATH; PATH=/bin:$PATH echo shar: extracting "'xorit' program to make the patch" if test -f 'xorit.c' then echo shar: will not over-write existing file "'xorit.c'" else cat << \SHAR_EOF > 'xorit.c' #include <stdio.h> #define DEC(c) (((c) - ' ') & 077) #define xorit(ch) putchar((ch)^getc(orig)) main(argc, argv) int argc; char *argv[]; { int n; FILE *orig; char a, b, c, d; if (argc<3) { fprintf(stderr, "Usage: xorit <originalfile> <patchfile>\n"); exit(-1); } if ((orig=fopen(argv[1], "r")) == NULL) { perror(argv[1]); exit(1); } if (freopen(argv[2], "r", stdin) == NULL) { perror(argv[2]); exit(1); } if (scanf("begin %*o %*s ")) { fputs("xorit: bad uudecode input\n", stderr); exit(1); } while ((n=getchar()) != EOF && (n=DEC(n))!=0) { while (n>0) { a = DEC(getchar()); b = DEC(getchar()); c = DEC(getchar()); d = DEC(getchar()); if (n-- > 0) xorit(a << 2 | b >> 4); if (n-- > 0) xorit(b << 4 | c >> 2); if (n-- > 0) xorit(c << 6 | d); } if ( (n=getchar()) != '\n' ) { fputs("xorit: bad uudecode input\n", stderr); exit(1); } } exit(0); } SHAR_EOF if test 990 -ne "`wc -c < 'xorit.c'`" then echo shar: error transmitting "'xorit.c'" '(should have been 990 characters)' fi fi # end of overwriting check echo shar: extracting "'patchfile'" '(5128 characters)' if test -f 'patchfile' then echo shar: will not over-write existing file "'patchfile'" else cat << \SHAR_EOF > 'patchfile' begin 666 patchdata M +9KI( @ M M M M M M M M M M ..Y@ M:-^03EY"*6PJ_^1..A&-U_!> #*F4$RT@&@Z7-XX?+=L!IX=]6PX_^Q8WP@\ MW8QV &RH,_PX %=?8'".@"56"FZL:$)N <Q:GP@,17!P#YPB[&@50*UO$$:; M[I(^O4*)Z 4(;A*K@S 17!P#YP"[ED50,?L,H5=3DEHD@H !4 %+_[.5, M 'S0@-PM.[$8?#@ 7M]@$(Z )68^P$(\("[S1_FQ*@#R_-"!(USSN1(Q-%RC M,!I\2(!%S#'\. !>*& !OH!/QG8 :5S3'S(RZ("1 /+\T($I##.#U8AX@U!, MMH!@MF8P2 !(6FC#.P@ ?-" W8PV,0@#I0EBP<?UT($O<! P)0Y:L6# HPEJ MO>6)W8PP32@ 18Y:\,^)F !JO=*!W8\P32@ 19%:\,V)F !JO="!+W,2,241 M6K!@P9H F$#+]="!+VP2,2\$FT10\-B!:OA(Q"T2][D, &C]2,'E9?*%Q/T" M 0<%PD0P,2A\2(1$*0(' 0DF 2!]$8$D[ )XYH$.[R(%\P J 2!]$8$D[0)X MY($.[B(%$X H 3']* !>;5(,5 %O ?\C9X%(, %ZS(T.@%(@5E!"GQ2 M@WSCIK%E -U>=@!LO#)-. "X!3!,. !$+%E!&GQ2@WS+IK%ERE1\8!0L\!(Q M-(R3?2!\#,P='2F! +"2NG_Q0;+"N\V1,?/XV>LQQFQA\. !> M#V00CH E9!ILWY1P$+PBW91N /*:9[%8*AA\($DNC@6Q : 3CBEOQMT'J, M0EX@? RL%ZTH, :,EJPC/]. !>"& 1OH!/OG8(<Z(8?%*#=ERFL%78!&Y( M_-V,3EY"_EYG]^AJ@ T['!, #*/4#RV@&#D#MXH/*UR/ASZ]2.XB^@HQ'8\ MG^I4!!(*LO_BH \\0C$*?%*"?7ZG $7N)H,RJ 8'UII-Y""$P"WBJ")N DZ M;$B$1?A9!$\&(L/F AW%F#QMX%^^'!3[OE1N8 0X;$B$1?@(M$\&(L+$PME" M0U)T &TH;L;[F'A<0G @? ;4'(UJ, <@ @ M M M M M 9@ M M M M M M M M M M M M M M M M M M M M M M M M M M ' ( /X " !0 @ M ?@ !( /N '@ #H M !N ; 0 * M #@ P $ @ >@ !X M " & "@ !( " R M &@ ( '@ < #@ !( M #^ "@ !@ " 0 M /@ ( !\H !* 9@ H M > @ M M M M M M M M M M M M M M X@ * '@ end SHAR_EOF if test 5128 -ne "`wc -c < 'patchfile'`" then echo shar: error transmitting "'patchfile'" '(should have been 5128 characters)' fi fi # end of overwriting check set -e echo "Extracting the old crypt.o from libc..." ar x /lib/libc.a crypt.o mv crypt.o ORIGcrypt.o echo "Making the patch..." cc -o xorit xorit.c ./xorit ORIGcrypt.o patchfile > crypt.o echo "Installing the new crypt.o into libc..." ar r /lib/libc.a crypt.o mv crypt.o NEWcrypt.o cp ORIGcrypt.o /lib # Save a copy for future reference echo "Cleaning up..." rm xorit xorit.c patchfile echo "All done." # End of shell archive exit 0