Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sun, 17 Jun 2012 01:33:51 +0200
From: magnum <john.magnum@...hmail.com>
To: john-dev@...ts.openwall.com
Subject: Re: Re: [patch] optional new raw sha1 implemetation

On 2012-06-17 01:30, magnum wrote:
> On 2012-06-17 01:28, magnum wrote:
>> On 2012-06-17 01:25, Tavis Ormandy wrote:
>>> Regarding switching memrchr to strrchr, I dont think this is correct,
>>> they are strings on input, but I store them in a format that can be
>>> converted to SHA-1 input very quickly and there is no guarantee there
>>> is a nul byte at the end.
>>
>> Yes but we search for 0x80 and this *will* be present. I see no problem,
>> and it works just fine.
>
> Oh, I see what you mean now. You are probably right we should change this.

On a third thought, are we not actually guaranteed there will be a zero 
byte? They are zeroed in set_key().

magnum

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ