Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sat, 12 Nov 2011 02:25:04 +0400
From: Solar Designer <solar@...nwall.com>
To: john-dev@...ts.openwall.com
Subject: Re: LM & NT prepare() segfaults

Jim -

On Tue, Nov 08, 2011 at 04:02:34PM -0600, jfoug wrote:
> NOTE, in loader, all nulls get set to "", so it is likely that is the proper
> thing to add to the pot loading.  Simply make sure that all array elements
> past the first 2, are set to "".  There is NO information in the pot file
> that can help the prepare function, beyond the first 2 elements anyway (both
> of them being the hash.

Yes, this might be the right way to deal with the issue.

It turns out that besides LM's and NT's prepare(), which I patched
before -jumbo-8, at least NETNTLM is affected as well.  It actually
segfaults on me in -jumbo-8 now when I have some entries in the pot.
Maybe some others are affected as well.

I'd appreciate it if you look into this and upload a patch - having all
prepare()'s check for NULL before using fields beyond the 2nd and/or
having the loader set those to "" when parsing the pot.

Thanks,

Alexander

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.