john-dev - Re: --test-full=0 crashes the Bitcoin format

Follow @Openwall on Twitter for new release announcements and other news

[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]

Date: Wed, 19 Aug 2015 21:54:19 +0200
From: magnum <john.magnum@...hmail.com>
To: john-dev@...ts.openwall.com
Subject: Re: --test-full=0 crashes the Bitcoin format

On 2015-08-06 18:38, Solar Designer wrote:
> Kai, magnum -
>
> Flag bugs aside, this feature as committed to magnum's jumbo triggers
> memory corruption:
>
> [solar@...er run]$ ./john --test-full=0
> [...]
> Testing: asa-md5, Cisco ASA [Cisco ASA (MD5 salted) 128/128 AVX 4x3]... PASS
> Testing: bfegg, Eggdrop [Blowfish 32/64]... (32xOMP) PASS
> Testing: Bitcoin [SHA512 AES 128/128 AVX 2x]... (32xOMP) *** glibc detected *** ./john: double free or corruption (!prev): 0x000000000224a770 ***

I replaced the EVP stuff in bitcoin with our own aes.h stuff in 0e2beec 
and have yet to trigger the bug since. Perhaps Kai can test it some more.

If we do get some variant of the problem again (I doubt it), it'll 
likely be easier to debug and/or detected by ASan.

I'll open an issue for finding more uses of EVP and/or BIO that we can 
get rid of. High-level stuff and abstraction layers are often Bad 
Ideas[tm] in high-performance code anyway.

magnum

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.