[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 25 Mar 2015 22:52:13 +0800
From: Kai Zhao <loverszhao@...il.com>
To: john-dev@...ts.openwall.com
Subject: Re: Ideas for the robustness gsoc task
Below is the current ideas for the robustness gsoc task. Is it right?
Note: I changed "- fuzz chr files" -> "- fuzz those listed sources of
input data"
Fixing input data handling
~~~~~~~~~~~~~~~~~~~~~~~
- List sources of input data and classify its trustworthiness (discuss in
john-dev).
Preliminary, from untrusted to less untrusted:
-- input data for 2john tools
-- hashes
-- wordlists
-- rules
-- chr
-- config files (non-rules parts)
-- command line options
-- environment variables
- Review and revamp valid(), salt() etc. in all(?) formats:
- Review wordlist loading and rules application
- Review handling of other input data
- Review other parts of the code
- fuzz those listed sources of input data
- (Dynamic analysis and Fuzzing) Build for different platforms: at least
32-bit, ideally big-endian
- Test with increased LINE_BUFFER_SIZE
Thanks
Kai
Content of type "text/html" skipped
Powered by blists - more mailing lists
Confused about mailing lists and their use?
Read about mailing lists on Wikipedia
and check out these
guidelines on proper formatting of your messages.
