Date: Mon, 10 Dec 2012 04:27:23 +0400
From: Solar Designer <solar@...nwall.com>
To: john-dev@...ts.openwall.com
Subject: fixing the valid() methods (was: Static analysis of John using Coverity)

On Wed, Sep 19, 2012 at 01:15:37AM +0400, Alexander Cherepanov wrote:
> On 2012-09-17 01:23, Alexander Cherepanov wrote:
> > And I suspect that every format with trivial valid() -- there are
> > ~40-50 of them -- has buffer overflows in get_salt and/or similar
> > functions. You don't need a code analyzer to find them.
> 
> To have something for a start here are crashers for 36 formats:
...

These are being tracked on the wiki:

http://openwall.info/wiki/john/JtR-valid-bugs

and Dhiru is now working on fixing them, usually "by copying get_salt
logic to valid" (in his words).  Does this mean code duplication?  If
so, that's not great.  Also, were not some of the crashes in get_salt()
itself?  If so, more robust code needs to be written for valid(), not
the overly trusting code copied from get_salt().  Alexander - can you
look at the few formats that Dhiru reported as fixed (on the wiki) and
comment on whether the fixes are right, please?  Thank you!

Alexander
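
One way to address both concerns raised in the message above (duplicated logic, and get_salt() code that trusts its input), shown as an added example that is not code from John the Ripper or from this thread: a single bounds-checked parser that both valid() and get_salt() call. The `$demo$` format, the field sizes, and the function names and simplified signatures are hypothetical.

```c
#include <string.h>

/* Hypothetical format, not a real JtR one: $demo$<2..32 hex salt>$<32 hex hash> */
#define TAG      "$demo$"
#define TAG_LEN  6
#define SALT_MAX 16  /* decoded salt bytes that fit in the buffer */
#define HASH_HEX 32

struct demo_salt { size_t len; unsigned char data[SALT_MAX]; };

static int hexval(char c)
{
	if (c >= '0' && c <= '9') return c - '0';
	if (c >= 'a' && c <= 'f') return c - 'a' + 10;
	return -1; /* uppercase and anything else is rejected */
}

/* Every length and charset check lives here, once.  With out == NULL the
 * function only validates; otherwise it also decodes the salt. */
static int parse(const char *ct, struct demo_salt *out)
{
	const char *p, *sep;
	size_t hexlen, i;

	if (!ct || strncmp(ct, TAG, TAG_LEN)) return 0;
	p = ct + TAG_LEN;
	if (!(sep = strchr(p, '$'))) return 0;      /* missing field separator */
	hexlen = (size_t)(sep - p);
	/* Reject empty, odd-length and oversized salts before any copy. */
	if (hexlen == 0 || hexlen % 2 || hexlen > 2 * SALT_MAX) return 0;
	for (i = 0; i < hexlen; i++)
		if (hexval(p[i]) < 0) return 0;
	if (strlen(sep + 1) != HASH_HEX) return 0;  /* exact hash length */
	for (i = 0; i < HASH_HEX; i++)
		if (hexval(sep[1 + i]) < 0) return 0;
	if (out) {
		memset(out, 0, sizeof(*out));
		out->len = hexlen / 2;
		for (i = 0; i < out->len; i++)
			out->data[i] = (unsigned char)
			    (hexval(p[2 * i]) << 4 | hexval(p[2 * i + 1]));
	}
	return 1;
}

/* valid() and get_salt() stand-ins: neither repeats the checks. */
int demo_valid(const char *ct) { return parse(ct, NULL); }
int demo_get_salt(const char *ct, struct demo_salt *out) { return parse(ct, out); }
```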
