Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sat, 29 Dec 2012 19:01:14 +0100
From: Frank Dittrich <frank_dittrich@...mail.com>
To: john-dev@...ts.openwall.com
Subject: Re: New self-test for maximum length

On 12/29/2012 05:53 PM, magnum wrote:
> I just threw this in with devastating results:
> 
> commit f49d2c56531de71da2a03c0e28c8bc939cce376b
> Author: magnum <john.magnum@...hmail.com>
> Date:   Sat Dec 29 17:25:46 2012 +0100
> 
>     formats.c: Add a self-test that puts maximum length candidates in all
>     buffer positions and then read them back to verify. This finds incorrect
>     claims of PLAINTEXT_SIZE as well as most kinds of key buffer over-runs.
>     It found 15 problematic formats right away.

[...]

> 
> I have no idea why I did not get the idea long ago. Unlike the "valid() killer" test that is only active with -DDEBUG, this one doesn't seem prone to segfault so it's always active. This is the current results on my 64-bit machine:
> 
> $ make -sj8 macosx-x86-64 && ../run/john -t=0 | grep FAIL
[...]
> Benchmarking: SAP CODVN B (BCODE) [128/128 SSE2 intrinsics 12x]... FAILED (max. length in index 0: wrote 8, got 0 back)

Did you use a password consisting of spaces?, since SAP ignores trailing
spaces, this could be somehow expected.

Frank

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ