Date: Tue, 17 Mar 2015 00:02:46 +0800
From: Kai Zhao <loverszhao@...il.com>
To: john-dev@...ts.openwall.com
Subject: Change john to fuzz fast with AFL

Hello,

I am trying to make it fast to fuzz with AFL. I changed some things, like the encryption and decryption. But I wonder whether I should change the function below?

https://github.com/magnumripper/JohnTheRipper/blob/bleeding-jumbo/src/siemens-s7_fmt_plug.c

static void s7_set_key(char *key, int index)
{
    int saved_key_length = strlen(key);

    /* Truncate over-long candidates to the format's maximum. */
    if (saved_key_length > PLAINTEXT_LENGTH)
        saved_key_length = PLAINTEXT_LENGTH;
    memcpy(saved_key[index], key, saved_key_length);
    saved_key[index][saved_key_length] = 0;
    new_keys = 1;
}

I found that s7_set_key() is invoked frequently, and the memcpy() wastes time. So can I skip the memcpy()? Such as below:

static void s7_set_key(char *key, int index)
{
    int saved_key_length = strlen(key);

    if (saved_key_length > PLAINTEXT_LENGTH)
        saved_key_length = PLAINTEXT_LENGTH;

#ifndef AFL_FUZZING
    /* Skipped in the fuzzing build: the buffer keeps whatever it held before. */
    memcpy(saved_key[index], key, saved_key_length);
#endif

    saved_key[index][saved_key_length] = 0;
    new_keys = 1;
}

If I can do this and finally find a segmentation fault, is that a real bug? (I am not sure, because the source code is different when fuzzing.)

Thank you,

sincerely,

Kai
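As an added illustration (not code from the post or from John the Ripper), the harness below runs the set_key logic both with and without the memcpy() and compares what ends up in the key buffer. The #ifdef is turned into a runtime flag so both variants can be checked in one program; PLAINTEXT_LENGTH and MAX_KEYS are assumed values chosen for the demo, not the format's real constants.

```c
#include <stdio.h>
#include <string.h>

#define PLAINTEXT_LENGTH 8   /* assumed for the demo; the real value is in siemens-s7_fmt_plug.c */
#define MAX_KEYS 4           /* assumed slot count for the demo */

static char saved_key[MAX_KEYS][PLAINTEXT_LENGTH + 1];
static int new_keys;

/* Same logic as the posted s7_set_key(), with the #ifndef AFL_FUZZING
   replaced by a runtime flag so both builds can be compared side by side. */
static void set_key_variant(const char *key, int index, int skip_memcpy)
{
    size_t len = strlen(key);

    if (len > PLAINTEXT_LENGTH)
        len = PLAINTEXT_LENGTH;
    if (!skip_memcpy)
        memcpy(saved_key[index], key, len);
    saved_key[index][len] = 0;   /* terminator is placed for the NEW length */
    new_keys = 1;
}

/* The key the cracking code (crypt_all etc.) would actually see in a slot. */
static const char *stored_key(int index)
{
    return saved_key[index];
}

/* Feed two consecutive candidates into the same slot, as a cracker does.
   Returns 1 if the second candidate really reached the buffer, 0 if the
   buffer instead holds a stale prefix of the previous candidate. */
static int second_key_reaches_buffer(const char *first, const char *second,
                                     int skip_memcpy)
{
    set_key_variant(first, 0, 0);            /* earlier candidate, normal path */
    set_key_variant(second, 0, skip_memcpy); /* the candidate under test */
    return strcmp(saved_key[0], second) == 0;
}

int main(void)
{
    printf("with memcpy   : reaches buffer = %d, stored = \"%s\"\n",
           second_key_reaches_buffer("password", "abc", 0), stored_key(0));
    printf("memcpy skipped: reaches buffer = %d, stored = \"%s\"\n",
           second_key_reaches_buffer("password", "abc", 1), stored_key(0));
    return 0;
}
```

With the copy skipped, the buffer holds "pas" rather than "abc": the fuzzer's input no longer drives the key that the later stages process, so a crash found in that build has to be re-run against the unmodified build before it counts as a bug in the format.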
