md5sum makes unaligned word accesses...
Andre
armcc2000 at yahoo.com
Fri May 12 23:49:43 UTC 2006
--- Rob Landley <rob at landley.net> wrote:
> On Friday 12 May 2006 4:56 am, Andre wrote:
> >
> > Allocating a bounce buffer in md5_hash_block() would be a
> > solution if md5_hash_block() really needs to be public (it used
> > to be static in 1.1.0 ??)
>
> My stalled passwd cleanup (too late to get it into 1.2.0) is
> calling that and sha1sum directly. Then you can configure out
> support for legacy crypt and don't need libcrypt at all.
Any reason why your passwd cleanup can't use the higher level
function md5_hash_bytes() ??
Calling right down to the lowest level block transform function seems
like a pointless way to save a few cycles - not to mention being
broken if you ever need to hash data which doesn't come in an exact
multiple of the 64 bytes...
Actually, the current md5_hash(), md5_hash_bytes() and
md5_hash_block() API is broken anyway (regardless of alignment
issues). Mixing calls to md5_hash_bytes() and md5_hash_block() isn't
safe unless (ctx->buflen == 0) at the point you switch from the
former to the later. md5_hash() contains no such check.
Instead of 3 functions to do almost the same thing, maybe it would be
better to have a single function with no implicit restrictions on
input buffer length (or alignment) ??
Andre
--
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
More information about the busybox
mailing list