Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 3 Jul 2012 10:18:39 +0530
From: Dhiru Kholia <dhiru.kholia@...il.com>
To: john-dev@...ts.openwall.com
Subject: Re: plans for 1.7.9-jumbo-7, new formats interface, 1.8

On Tue, Jul 3, 2012 at 9:46 AM, jfoug <jfoug@....net> wrote:
> Speaking of Radmin,  I get this when running under VC, in debug mode (has
> stack checking on by default).  (-test=0)
>
> Benchmarking: RAdmin v2.x MD5 [32/32]...
> (0) : Run-Time Check Failure #2 - Stack around the variable 'input' was
> corrupted.
> (0) : Run-Time Check Failure #2 - Stack around the variable 'ctx' was
> corrupted.
> So somewhere, we have some memory issues.  When I run a -test=1 -form=radmin
> I get a ton more of those messages.  From the 2 vars, it looks like
> something in crypt_all.

Can't reproduce this under clang-debug or gcc's -fstack-protector. I
don't have a Windows development box to debug this. Can you please see
what is wrong in crypt_all? (Try replacing strcpy with strncpy for a
start).

> One other big issue I see here, is when you allocate crypt_out, it MUST be
> done MEM_ALIGN_WORD.  You later access this as a ARCH_WORD_32. On systems
> that do not allow unaligned access (sparc for one), it will core.

Fixed now. Thanks!

-- 
Cheers,
Dhiru

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ