alpine 3.7
crypto weakness #296

4

Weakness Breakdown


Definition:

This weakness involves creating non-standard or non-tested algorithms, using weak algorithms or applying cryptographic algorithms incorrectly. Algorithms that were once considered safe are commonly later found to be unsafe, as the algorithms were broken.

Warning code(s):

The crypt functions use a poor one-way hashing algorithm; since they only accept passwords of 8 characters or fewer and only a two-byte salt, they are excessively vulnerable to dictionary attacks given today's faster computing equipment.

File Name:

mkinitfs/src/mkinitfs-3.2.0/nlplug-findfs.c

Context:

The highlighted line of code below is the trigger point of this particular Alpine 3.7 crypto weakness.

 	if (crypt->header.devnode[0] == '\0' && searchdev(ev, crypt->header.device, 0)) {
		strncpy(crypt->header.devnode,
			crypt->header.device[0] == '/' ? crypt->header.device : ev->devnode,
			sizeof(crypt->header.devnode));
		/* if we also have found data dev, then we are ready to
		   start cryptsetup */
		return crypt->data.devnode[0] != '\0';
	}
	return 0;
}

static void uevent_handle(struct uevent *ev)
{
	struct ueventconf *conf = ev->conf;
	int found;

	if (!ev->subsystem || strcmp(ev->subsystem, "block") != 0)
		return;

	if (strcmp(ev->action, "add") != 0 &&
	    strcmp(ev->action, "change") != 0)
		return;

	snprintf(ev->devnode, sizeof(ev->devnode), "/dev/%s", ev->devname);
	pthread_mutex_lock(&conf->crypt.mutex);
	found = searchdev(ev, conf->search_device, (conf->apkovls || conf->bootrepos));
	pthread_mutex_unlock(&conf->crypt.mutex);
	if (found) {
		founddev(conf, found);
	} else if (search_cryptdevs(ev, &conf->crypt)) {
		start_cryptsetup(conf);
	}
}

static void uevent_mdev_done_cb(void *ctx, int status)
{
	struct uevent *ev = ctx;
	uevent_handle(ev);
	uevent_unref(ev);
}

static void uevent_dispatch(struct uevent *ev)
{
	struct ueventconf *conf = ev->conf;
	int add;

	if (conf->subsystem_filter && ev->subsystem
	    && strcmp(ev->subsystem, conf->subsystem_filter) != 0) {
		dbg("subsystem '%s' filtered out (by '%s').",
		    ev->subsystem, conf->subsystem_filter); 

The registered trademark Linux® is used pursuant to a sublicense from the Linux Foundation, the exclusive licensee of Linus Torvalds, owner of the mark on a world­wide basis.