Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 26 Aug 2011 16:49:13 -0500
From: "JimF" <jfoug@....net>
To: <john-dev@...ts.openwall.com>
Subject: Re: #include "john.conf2" (a wish list item)

From: "Lukas Odzioba" <lukas.odzioba@...il.com>

>>2011/8/26 jfoug <jfoug@....net>:
>>  When cfg_init() returns, I decrement the recursion level. If
>> the recursion level exceeds 4, then john bails out with an error message 
>> (to
>> avoid john.conf including john.confx which includes john.conf, or some
>> similar sillyness).
>
>Does it really eliminates cycles in include graph? I don't know the
>code but is it ok when john.conf includes john.conf, and even with
r>ecursion level restricion will be processed four times? Maybe it
>would be better to just have table of processed filenames, and before
>processing next included file seek it in table. This way we don't care
>about recursion level.

It certainly 'could' be done that way, but there is quite a bit more code, 
and I am not sure what gain there is.

Here is the totality of code to check recusion levels.

int recurse;

in load_line  when processing a line, a new 'include' is detected.

if (recurse > 4) exit fprintf("boom, you lose\n");
++recurse;
cfg_init(new_file_name);
--recurse;

Then within cfg_init()

if (cfg_data && !recurse) return;
while (getnextline) load_line()


That's it.  I doubt it can be made any simpler than that, and I will assure 
you, improper recursion will not crash john.   No table building, table 
table checking logic at all.  You can still include files that include 
others, and have dozens of include. That is no problem at all.  If we find 
that 4 levels of including is not enough, then a simple line change can 
increase that.  But 4 levels deep 'should' be plenty.

Jim. 

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ