Date: Tue, 17 Jan 2012 18:43:00 +0100
From: magnum <john.magnum@...hmail.com>
To: john-dev@...ts.openwall.com
Subject: Re: Recent CVS patches

On 01/17/2012 04:14 PM, magnum wrote:
> On 01/17/2012 03:32 PM, magnum wrote:
>> Maybe you should alloc more memory than needed to the binary/salt
>> copies, but mark the excess with a canary and check afterwards? I'll try
>> that and see what happens.
> 
> Tried that, not a single format fails. I *really* thought some Jumbo
> format would write a \0 in the first byte :)

I'm only 99% sure what is happening but the enclosed patch removes 267
complaint contexts from Valgrind in Jumbo (but these problems did not
result in any test fails). There are still a couple of problems
(actually 14, including trip as described below) but these I think are
actual bugs in the formats and false positives.

I suppose this is due to some formats just copying the pointer in
set_salt() (in core John, this is not an issue afaik) and it still
points to the now freed salt_copy from previous alignment tests. Does
that make sense to you?

BTW here is Valgrind's verdict on trip_fmt. I assume they are false
positives, this type often is.

==8666== Conditional jump or move depends on uninitialised value(s)
==8666==    at 0x42439D: crypt_all (trip_fmt.c:327)
==8666==    by 0x47F62A: fmt_self_test_body (formats.c:135)
==8666==    by 0x47FA13: fmt_self_test (formats.c:221)
==8666==    by 0x476E8A: benchmark_format (bench.c:138)
==8666==    by 0x4778D2: benchmark_all (bench.c:448)
==8666==    by 0x482E9B: john_run (john.c:483)
==8666==    by 0x48336D: main (john.c:675)
==8666==
==8666== Conditional jump or move depends on uninitialised value(s)
==8666==    at 0x406B07: DES_bs_set_key (DES_bs.c:193)
==8666==    by 0x42466F: crypt_all (trip_fmt.c:415)
==8666==    by 0x47F62A: fmt_self_test_body (formats.c:135)
==8666==    by 0x47FA13: fmt_self_test (formats.c:221)
==8666==    by 0x476E8A: benchmark_format (bench.c:138)
==8666==    by 0x4778D2: benchmark_all (bench.c:448)
==8666==    by 0x482E9B: john_run (john.c:483)
==8666==    by 0x48336D: main (john.c:675)

magnum

View attachment "bench.c.diff" of type "text/x-patch" (364 bytes)
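An added example, not from this post or from John the Ripper itself: a miniature self-test harness in the spirit of the alignment tests and the canary idea discussed above. It hands a heap salt copy to set_salt(), then scribbles over the copy and checks whether the format's view follows, which is exactly the pointer-keeping behaviour that turns into a read of freed memory once the real self test frees salt_copy. The fmt_t interface, SALT_SIZE and the two toy formats are hypothetical.

```c
#include <stdlib.h>
#include <string.h>

#define SALT_SIZE 8   /* hypothetical salt length */

/* Hypothetical miniature of a format's salt interface. */
typedef struct {
    void (*set_salt)(void *salt);
    int (*salt_byte)(int i);   /* what crypt_all() would read back */
} fmt_t;

/* Pointer-keeping format: stores only the caller's pointer. */
static unsigned char *ptr_salt;
static void ptr_set_salt(void *salt) { ptr_salt = salt; }
static int ptr_salt_byte(int i) { return ptr_salt[i]; }

/* Copying format: memcpy() into storage the format owns. */
static unsigned char copy_salt[SALT_SIZE];
static void copy_set_salt(void *salt) { memcpy(copy_salt, salt, SALT_SIZE); }
static int copy_salt_byte(int i) { return copy_salt[i]; }

static const fmt_t ptr_fmt  = { ptr_set_salt,  ptr_salt_byte };
static const fmt_t copy_fmt = { copy_set_salt, copy_salt_byte };

/* Returns 1 if the format still depends on the temporary salt_copy after
 * set_salt() returned (it would read freed memory once the self test frees
 * that copy), 0 if it took its own copy, -1 on allocation failure.
 * Reading freed memory is undefined behaviour, so instead of freeing the
 * buffer first we overwrite it and see whether the format's view changes. */
int retains_salt_pointer(const fmt_t *fmt)
{
    unsigned char *salt_copy = malloc(SALT_SIZE);
    int i, retained = 0;

    if (!salt_copy)
        return -1;
    for (i = 0; i < SALT_SIZE; i++)
        salt_copy[i] = (unsigned char)(0x10 + i);   /* constructed salt */
    fmt->set_salt(salt_copy);
    memset(salt_copy, 0xAA, SALT_SIZE);   /* scribble, like freed memory might */
    for (i = 0; i < SALT_SIZE; i++)
        if (fmt->salt_byte(i) != 0x10 + i)
            retained = 1;
    free(salt_copy);   /* a pointer-keeping format now dangles, but is not read */
    return retained;
}
```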
