Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Wed, 06 Jun 2012 12:40:24 +0200
From: magnum <john.magnum@...hmail.com>
To: john-dev@...ts.openwall.com
Subject: RAR bug (was: off-list)

On 06/06/2012 11:02 AM, magnum wrote:
> On 06/05/2012 Solar Designer wrote:
>> Here's what I got:
>>
>> $ ./john -w=password.lst -ru pw-rar
>> Loaded 1 password hash (RAR3 [32/64])
>> Self test failed (cmp_one(3))
>>
>> This happened just once. Repeating the command did not reproduce it
>> (cracking started fine). I think the machine's hardware is fine. This
>> could be some bug in the code triggered by specific address layout.
>> (ASLR is enabled.)
>
> Yes, I have seen this occasionally. It happens with CPU or OpenCL code,
> and with OMP or not. I just can't find the reason! I have audited the
> code (I never hit the bug when debugging) and I can't see what could be
> wrong.

By the way, I think it is always cmp_one(3) and this means it's the -p 
-m3 test, that is the libclamav unrar code path that fails. I have 
looked at all initializations and I can't see anything amiss.

I know just a little about ASLR. I don't see how it could trigger a 
thing like this? Could it be a buffer overrun that only get serious with 
some layouts? Wouldn't the relative layout be the same within any 
segment, and within the stack?

magnum

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ