Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Wed, 11 Mar 2015 19:29:27 +0100
From: magnum <john.magnum@...hmail.com>
To: john-dev@...ts.openwall.com
Subject: Re: john-jumbo bug

On 2015-03-11 19:24, Frank Dittrich wrote:
> On 03/11/2015 07:12 PM, 张 磊 wrote:
>> There’s seems to be a bug in file mssql12_fmt_plug.c (john-jumbo).
>>
>> The variable ‘max_keys’ gets defined in line 107, if the macro ‘MMX_COEF_SHA512’ is predefined.
>> But the use of ‘max_key’ in line 186 doesn’t check if ‘MMX_COEF_SHA512’ is predefined. So variable ‘max_keys’ might be undefined here.
> 
> What is the latest bleeding-jumbo commit, and what local changes do you
> have in your repository?
> 
> In my local repository, the latest commit is
> f6af7d71df255c87fafb4cb9a7d46886e9f7369a.
> 
> This is line 109 of mssql12_fmt_plug.c:
> static int max_keys;
> 
> This is line 171:
> 	max_keys = self->params.max_keys_per_crypt;
> 
> Both are inside
> #ifdef MMX_COEF_SHA512
> ...
> #endif
> 
> There is no other use of max_keys, and no use of max_key.
> Please check and clarify.

It was indeed used in clear_keys() in line 186 as Lei said, and it
lacked the #ifdef wrapping at that place. Fixed now.

magnum


Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ