Date: Tue, 09 Apr 2013 13:26:40 +0400
From: Alexander Cherepanov <cherepan@...me.ru>
To: john-dev@...ts.openwall.com
Subject: Re: testing all valid()s

On 2013-04-09 01:36, Dhiru Kholia wrote:
> Strange. I fixed the mozilla format earlier today.

There are no checks for the lengths of fields in the mozilla format, so 
they could easily overflow fixed-size buffers in the KeyCrackData structure. 
And john crashed at least on this:

$mozilla$*3*1*1*00*1*00*255*000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000*1*00

Another problem is that salt_struct->keyCrackData.oidLen (instead of 
salt_struct->keyCrackData.encDataLen) is used as a length for 
salt_struct->keyCrackData.encData in get_salt.

-- 
Alexander Cherepanov
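
The kind of length check the message above says is missing, as an added example that is not part of the original post and not John the Ripper code. The `$demo$*` tag, the two-field layout and the buffer capacities are constructed; only the "decimal length, then hex" field shape is taken from the sample line. Returning each field's own length also covers the second point, where one field's length was used for another field's data.

```c
#include <ctype.h>
#include <stdlib.h>
#include <string.h>

#define TAG "$demo$*"   /* constructed tag, not a real John the Ripper format */

/* Consume "<decimal length>*<2*length hex digits>" at *p.
 * Returns the length, or -1 if malformed or longer than cap bytes. */
static long take_field(const char **p, size_t cap)
{
    char *end;
    unsigned long len, i;
    if (!isdigit((unsigned char)**p))
        return -1;
    len = strtoul(*p, &end, 10);
    if (*end != '*' || len > cap)       /* reject before anything is copied */
        return -1;
    end++;
    for (i = 0; i < 2 * len; i++)       /* fails at '\0', so no read past the end */
        if (!isxdigit((unsigned char)end[i]))
            return -1;
    *p = end + 2 * len;
    return (long)len;
}

/* Returns 1 only if s is TAG followed by exactly n '*'-separated fields,
 * each no longer than the destination buffer it would be decoded into.
 * lens[i] receives field i's own length, for the decoder to use. */
int valid_fields(const char *s, const size_t *caps, size_t *lens, size_t n)
{
    size_t i;
    long len;
    if (strncmp(s, TAG, strlen(TAG)) != 0)
        return 0;
    s += strlen(TAG);
    for (i = 0; i < n; i++) {
        if ((len = take_field(&s, caps[i])) < 0)
            return 0;
        lens[i] = (size_t)len;
        if (i + 1 < n && *s++ != '*')
            return 0;
    }
    return *s == '\0';
}

/* Constructed demo: two fields backed by 4-byte and 8-byte buffers. */
static const size_t demo_caps[2] = { 4, 8 };
int demo_valid(const char *s) { size_t l[2]; return valid_fields(s, demo_caps, l, 2); }
```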
