Date: Mon, 13 Aug 2012 19:05:27 +0200
From: magnum <john.magnum@...hmail.com>
To: john-dev@...ts.openwall.com
Subject: Serious bug in -fixes and all other branches

We have a serious loader problem. It often segfaults while reading a pot
file containing other formats than what we are loading. This is in all
branches, including -fixes :(

I think it was introduced in this commit in -fixes of Aug 9:

1c637ba "dynamic: $HEX$ fixes" by JimF

specifically, these lines in ldr_load_pot_line() in loader.c:

-       if (format->methods.valid(ciphertext,format) != 1) return;
-
-       ciphertext = format->methods.split(ciphertext, 0);
...
+       if (format->methods.valid(ciphertext, format) != 1) {
+               ciphertext = format->methods.split(ciphertext, 0);
+               if (format->methods.valid(ciphertext, format) != 1)
+                       return;
+       } else
+               ciphertext = format->methods.split(ciphertext, 0);
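Review bot: in the added branch under `if (format->methods.valid(ciphertext, format) != 1) {`, split() now runs on a pot line that valid() has just rejected, so every format's split() must be safe on input belonging to other formats; the removed code returned before split() in that case. If the retry is only needed for the $HEX$ case named in the commit title, gate it on that case and keep the early `return` for everything else. A short comment explaining why valid() is called a second time after split() would also help the next reader.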

After that patch, we call split() even though valid() returned false. I
believe that is wrong, right? If this is supposed to be allowed, I fear
we have a lot of work to do in a lot of formats :-/

Also, I'm not sure what this has to do with $HEX$? Is some of that
functionality done in dynamic's split()? So maybe if the above is
reverted/fixed, the $HEX$ functionality needs to be revised?

Bottom line: I do not dare commit any fix until the above questions
are answered.

magnum
