Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Sat, 12 Mar 2011 12:08:58 -0600
From: "jfoug" <jfoug@....net>
To: <john-dev@...ts.openwall.com>
Subject: RE: New update to md5-gen, AND changes to the john core 'format' structures. (diff posted to Wiki)

>From: magnum [mailto:rawsmooth@...dband.net]
>>> Fwiw I think I saw a misformatteded NT-format (using $NT$)
>>> hash file result in segfault
>> Please try to get an input file.  There is some strangeness in the NT
>Here is an input file that produce a segfault. 

Found and working on fix.  It was within loader.c  ldr_split_line()
function.  With changes made, that function worked directly with the
fmt_main->format item.  If there was a line that was not valid (the last 5
lines in the file you provided are not valid), then this pointer was changed
to a null.

Later, john would be told there WERE a number of values found, but then this
pointer is null, which would then be used and crash.

Found it.  I had removed the whole 'if' statement that people had complained
about for the 'options->single_salts'.  Well, that if still needs to be
there.  Just the internal if needs gone.  I have put this back into the
code, but have commented out the single_salts logic, which is logic I had
added a couple years ago, but which appears to only work properly on certain
formats.

if (*format) {
//	if (db_options->single_salts->head)
//	{
//		char *salt = (char*)(*format)->methods.salt(*ciphertext);
//		if (ldr_check_list(db_options->single_salts, salt,
*ciphertext))
//			return 0;
//	}
	return (*format)->methods.valid(*ciphertext);
}

I have added comments on the part needing removed.  With this change,
loader's ldr_split_line() is back working properly. The first 'found' format
is used from that point on.

Jim. 

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ