[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 11 Sep 2015 12:38:00 +0300
From: Solar Designer <solar@...nwall.com>
To: john-dev@...ts.openwall.com
Subject: Re: auditing our use of FMT_* flags
Jim,
On Thu, Sep 10, 2015 at 04:00:03PM -0500, JimF wrote:
> On 9/10/2015 3:47 PM, Solar Designer wrote:
> >Why isn't AFS on the list, though? Is it because I've just patched it?
> >Or is it because your test failed to detect it as buggy? (Kai's did.)
>
> My test did not catch it, because my test does not give a crap about the
> flag. Everything in taht format 'was' correct, except the flag was
> missing. My method actually 'tests' the bug.
I disagree that everything in AFS except the flag was correct. AFS uses
hex-encoded strings. Until my fix yesterday, AFS accepted arbitrary and
mixed-case hex encodings. It uses fmt_default_split().
I think your test, as you describe it, should have caught the AFS bug.
That it did not tells me that there's probably a bug in your test that
you'd want to identify.
Alexander
Powered by blists - more mailing lists
Confused about mailing lists and their use?
Read about mailing lists on Wikipedia
and check out these
guidelines on proper formatting of your messages.
