[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sat, 30 Jun 2012 05:05:15 -0500
From: "jfoug" <jfoug@....net>
To: <john-dev@...ts.openwall.com>
Subject: RE: asan report
>From: magnum Sent: Saturday, June 30, 2012 4:55 AM
>I think I see now. It's just the self-tests. For example, one self-test
>does:
>
> format->methods.set_key("", index);
>
>I think we should "fix" the self-tests, not the formats. If anything.
I was just going to reply the same thing.
We are reading past buffer, by up to 3 bytes, but properly detecting and
handling it internally.
However, in the self test, we are dealing with const strings, of known size.
Thus, on a picky compiler, it will not allow this. Simple fix. Put a
buffer on stack in self test, large enough for the work, and use it. This
would also allow us to force a non-aligned input for the password also.
Jim.
Powered by blists - more mailing lists
Powered by Openwall GNU/*/Linux -
Powered by OpenVZ