Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 6 Sep 2006 23:42:39 +0400
From: Solar Designer <solar@...nwall.com>
To: john-users@...ts.openwall.com
Subject: Re:  Re: "Extra" in incremental mode not fully working - john17 stuckdumped

On Tue, Aug 29, 2006 at 01:35:41PM +0000, Radim wrote:
> I couldn't help myself to provide additional info. I've tried my Extra option 
> with the official windows builds of john and I've managed to stackdump the 
> original 1.7 release with it:
> ---
> john17 -in:Alphacz4 --stdout > alphacz4.out
> Warning: only 35 characters available
>       3 [main] john17 2812 handle_exceptions: Exception: STATUS_ACCESS_VIOLATION

Yes, John 1.7 and below did not check for all possible misconfigurations
of "incremental" mode settings or charset files, so you could make it
crash like that.  In your case, the misconfiguration is the use of
characters beyond the compile-time CHARSET_MAX in Extra.

JtR 1.7.0.1 and above includes extra sanity checking, so such crashes
should not be possible anymore (except with external modes accessing out
of bounds array locations).

> The 1.7.0.1 is behaving better, but it still throws somewhat misleading message 
> with the official alpha.chr:
> ---
> Incorrect charset file format: alpha.chr

Oh, yes, there's a bug:

	if (expand(allchars, extra ? extra : "", sizeof(allchars)))
		inc_format_error(charset);

I used inc_format_error() on all expand() errors, which is correct for
all but this one.  "Extra" doesn't come from a .chr file, so this
expand() call should be split into two - one to check allchars (which
does come from a .chr file) and the other to add the Extra characters
and check them.  The error message on the second call's failure should
be different.

Thank you for the bug report!

-- 
Alexander Peslyak <solar at openwall.com>
GPG key ID: 5B341F15  fp: B3FB 63F4 D7A3 BCCC 6F6E  FC55 A2FC 027C 5B34 1F15
http://www.openwall.com - bringing security into open computing environments

-- 
To unsubscribe, e-mail john-users-unsubscribe@...ts.openwall.com and reply
to the automated confirmation request that will be sent to you.

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ