Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 28 Nov 2011 16:58:18 -0600
From: "jfoug" <jfoug@....net>
To: <john-dev@...ts.openwall.com>
Subject: RE: 1.7.9-jumbo

Submitted Patch 0012 for 1.7.9-jumbo.   The changes in MD5, to do the
dynamic allocation, required (at least on my builds), that the allocated
buffer is properly set to NULL bytes.  There is a strlen() call within
sse-intrinsics.c (in the md5crypt), which if that buffer is not allocated
properly, returned at 52k length of password, opps.

Patch 0012 simply memsets the allocated buffer, within md5_fmt's init call.

Jim.


Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.