Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Thu, 13 Dec 2012 07:52:26 +0530
From: Dhiru Kholia <dhiru.kholia@...il.com>
To: john-dev@...ts.openwall.com
Subject: Re: krb5pa-sha1 crash

On Thu, Dec 13, 2012 at 3:25 AM, magnum <john.magnum@...hmail.com> wrote:
> Still can't reproduce. Are you running 32-bit? Make a debug build, throw it at gdb and tell me where it crashed.

I am using 64-bit Linux and I am able to reproduce the crash every
time. However, turning on debugging makes the crash go away.

✗ cat crashing-hash
AD.EXAMPLE.COMaduser:$krb5pa$18$AD.EXAMPLE.COMaduser$ad$AD.EXAMPLE.COMaduser$64dfeee04be2b2e0423814e0df4d0f960885aca4efffe6cb5694c4d34690406071c4968abd2c153ee42d258c5e09a41269bbcd7799f478d3

Clang's asan crashes too but at a strange location.

ERROR: AddressSanitizer stack-buffer-overflow on address
0x7fff50cf4ff7 at pc 0x4cdcad bp 0x7fff50cf4cd0 sp 0x7fff50cf4cc8
WRITE of size 1 at 0x7fff50cf4ff7 thread T0
    #0 0x4cdcad in hmac_sha1_data /home/dsk/JohnTheRipper/src/gladman_hmac.c:87
Address 0x7fff50cf4ff7 is located at offset 567 in frame <derive_key>
of T0's stack:
  This frame has 5 object(s):
    [32, 52) 'uu'
    [96, 116) 'ux'
    [160, 324) 'c1'
    [384, 548) 'c2'
    [608, 772) 'c3'

Fixing this overflow might not (or might) solve the original problem.

-- 
Cheers,
Dhiru

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ