Date: Thu, 13 Aug 2015 20:07:03 -0500 From: "jfoug@....net" <jfoug@....net> To: john-dev@...ts.openwall.com Subject: Re: episerver UTF-8 On Thu, 13 Aug 2015 19:35:57 -0500, Lei Zhang <zhanglei.april@...il.com> wrote: > BTW, I think 3*PLAINTEXT_LENGTH means that we assume Yes, this is an 'assumption' > each UTF8 char to be no larger than 3 bytes. Is that assumption true? Or > 4-byte UTF8 chars are too rare to be considered? In real world, they are somewhat rare. But your point is valid. There could certainly be a string of X 4 byte utf8 (there are even 5 byte utf8 characters) which cause something that should handle 25 characters to not be able to handle a string of 25 4 (or 5) byte utf8. But we simply have drawn a line in the sand where reality vs theoretical limits come into play. > And what does that 125 mean? This is a 'limit' imposed by john (proper). 125 BYTES (not characters), is the max size of a line read from a password file. We really should think long and hard about this limit, as we move to 'real' 32 bit Unicode support inside of the jumbo JtR Jim.
Powered by blists - more mailing lists
Powered by Openwall GNU/*/Linux - Powered by OpenVZ