Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 16 Sep 2015 04:58:04 +0300
From: Solar Designer <solar@...nwall.com>
To: john-dev@...ts.openwall.com
Subject: Re: ldr_split_line() performance regression

On Wed, Sep 16, 2015 at 03:49:44AM +0200, magnum wrote:
> On 2015-09-16 02:16, Solar Designer wrote:
> >There's some ridiculous stuff in ldr_split_line() in jumbo now, such as
> >repeated uses of cfg_get_bool().  This (or/and something else) made JtR
> >unusably slow for me when not forcing a specific format.  Just try
> >running it on pw-fake-unix from:
> >
> >http://openwall.info/wiki/john/sample-hashes#Sample-password-hash-files
> >
> >without requesting any format.  It takes tens of seconds to load that
> >tiny file now, which was previously loaded instantly.
> >
> >Please keep any non-trivial processing out of ldr_split_line(), or at
> >least limit it to only be done once (e.g., by using static variables).
> 
> Ouch! I use to be careful with these things... but the ones for 
> "Disabled formats" were really bad. Fixed now, and loading of that 
> sample literally went from 2 minutes to 900 ms on my laptop...

Thanks.

Arguably, 900 ms is still too much for this sample.  On my Pentium 3,
this command:

time john -w=/dev/null pw-fake-unix

takes 200 ms:

real    0m0.215s
user    0m0.097s
sys     0m0.035s

with non-jumbo john.  I understand that jumbo has a lot more formats to
check each line against (for printing of those warnings), but perhaps
there's something else going on as well.  Even with cfg_get*() moved out
of ldr_split_line(), that function is still a lot more complex than it
is in core.

> I already intended to audit all use of cfg_get* some day, because I 
> suspect there may be more problems.

Quite possibly, yes.

Alexander

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ