Slashdot Mirror

← Back to Stories (view on slashdot.org)

Serious Crypto Bug Found In PHP 5.3.7

Posted by timothy on from the pronounced-pfffffpp dept.

Trailrunner7 writes "The maintainers of the PHP scripting language are warning users about a serious crypto problem in the latest release and advising them not to upgrade to PHP 5.3.7 until the bug is resolved. PHP 5.3.7 was just released last week and that version contained fixes for a slew of security vulnerabilities. But now a serious flaw has been found in that new release that is related to the way that one of the cryptographic functions handles inputs. In some cases, when the crypt() function is called using MD5 salts, the function will return only the salt value."

9 of 165 comments (clear)

  1. Regression tests are for wimps! by Niac · · Score: 5, Insightful

    Who cares about testing security code for regressions?

    I'm seriously astounded that the php development community doesn't have acceptance testing around this sort of thing. In this day and age, why on earth is it the case that bugs like this get through?

    --
    http://gabrielcain.com/
    1. Re:Regression tests are for wimps! by rainmayun · · Score: 4, Insightful

      True, PHP has a history of "winging it", but by now they should be doing a pretty damn extensive suite of regression tests against each release candidate, if not each build. At this point in its life and supposed maturity, the PHP Group should really be doing better.

    2. Re:Regression tests are for wimps! by thue · · Score: 4, Informative

      From the Bug report:

      > Confirming, some very recent update broke it - right now unit tests fail on SVN. I wonder if nobody run it before release?

      So they do have a unit test for that. They just didn't run it before release :).

    3. Re:Regression tests are for wimps! by Arancaytar · · Score: 4, Insightful

      Unit tests are slow and they almost always pass. When you're in a rush to release, sometimes you feel lucky.
      Of course, you're not. That's the whole point of unit tests...

    4. Re:Regression tests are for wimps! by Chuck+Chunder · · Score: 4, Informative

      1) The problem was found and announced by "the php development community," and presumably found by them, too (admittedly, not prior to release).

      That seems entirely incorrect. According to the bug report it seems to have been found by someone external, it was found in a release candidate not the released version and seemingly filed before the release was made.

      2) Why aren't you involved in acceptance testing, if you see a problem with how it's being done?

      Speaking for me, we pay Zend for server licences and imagine that in someway contributes to a professionally run project. Though I have to say we are becoming increasingly unsure as to whether we get any value for money for that, of the security fixes that 5.3.7 fixed I haven't noticed any of them being pushed to Zend Server in a priority fashion and I don't think we've ever had a single support question resolved satisfactorily. Sometimes being a Zend customer seems merely to open you up to sales pushes.

      --
      Boffoonery - downloadable Comedy Benefit for Bletchley Park
  2. Re:Perhaps THIS is the reason why THIS occurs? by ledow · · Score: 4, Funny

    Did you know that houses were the favoured target of burglars? Quick! Sell your house and buy a bungalow! Even though only 1% of houses are bungalows, they're attacked only 1% of the time if you consider all burglaries!

    It's like saying "cars most likely target in car thefts".

    Dickhead.

  3. Re:PHP Bug #55439 FIXED (Aug 20) by nedlohs · · Score: 4, Informative

    Nope.

    $valid will be the return value of crypt which will be true in the non-broken code as well.

    $crypted == crypt($pw, $salt)

    will always be true in the broken code, if $crypted was created with any old password and the same salt.

    Of course if you have existing such password, they'll always match false, so no one is going to be able to change their password and trigger the problem anyway :)

  4. Most distributions *not* affected by this! by GPLHost-Thomas · · Score: 4, Informative

    The internal crypt() function of PHP is only there whenever the system function doesn't exist. So for example, in Debian, only the blowfish encryption is affected, all other encryption are using the system. Here's Ondrej post about it:

    http://lists.alioth.debian.org/pipermail/pkg-php-maint/2011-August/009328.html

    I am guessing that this will be the case in most Unix distribution, but it will be an issue on platforms like Windows. So, maybe this is just too much buzz...

  5. Re:PHP can't get better. It drives away anyone goo by EvanED · · Score: 5, Insightful

    I think that the post you replied to was a bit extreme, but it's not the bug in the library function that caused him to say that: it's the fact that the PHP project lacks the testing infrastructure that any reasonable project of that size would have.

    Anyone can commit a bug; that's easy and excusable. What makes it look like PHP is developed by a bunch of 12 year olds is the fact that they have a test suite with a test that exhibited the bug, and yet no one ran it before they made a release, because they've got too many failing tests so it just got swamped in with that noise.

    I'm working on some dinky pieces of research software, and while we probably don't have as extensive a test suite as PHP does, we have a way better testing regimen. A project like PHP should have a CI server that runs their tests at least nightly, and a release shouldn't be made while there are failing tests. That's what expected failures are for. (They even know about expected failures, but still have over 200 failing tests for some reason.) Even we've got that.

    It's the QA that's messed up, not the coding.