Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 22 Jun 2007 03:59:18 +0400
From: Solar Designer <solar@...nwall.com>
To: john-users@...ts.openwall.com
Subject: Re: Strange bug when testing --format=ssha

On Fri, Jun 22, 2007 at 02:30:56AM +0400, Solar Designer wrote:
> I'm afraid that this needs to be debugged for real.  Determine just what
> and when starts to differ between successful and failed tests.

Well, the thing that differed was the ordering of keys tried by the last
iteration of the previous benchmark (for multiple salts).

NSLDAPS_fmt.c: set_key() assumes that keys are always set up starting
from index 0.  Not only may this assumption break with future versions
of JtR, but also the code did not take into consideration that sometimes
crypt_all() and cmp_all() may be called with fewer than the maximum
number of keys to test.  In that case, some state would be left from the
previous set of keys tried.

Please try the attached patch.  It should fix the immediate issue that
caused those test failures (it does for me).

Thanks,

-- 
Alexander Peslyak <solar at openwall.com>
GPG key ID: 5B341F15  fp: B3FB 63F4 D7A3 BCCC 6F6E  FC55 A2FC 027C 5B34 1F15
http://www.openwall.com - bringing security into open computing environments

diff -urp john-1.7.2-all-7/src/NSLDAPS_fmt.c john-1.7.2-all-7-ssha-fix/src/NSLDAPS_fmt.c
--- john-1.7.2-all-7/src/NSLDAPS_fmt.c	Wed Jun  6 14:47:45 2007
+++ john-1.7.2-all-7-ssha-fix/src/NSLDAPS_fmt.c	Thu Jun 21 23:36:03 2007
@@ -35,7 +35,7 @@
 #ifdef MMX_COEF
 #define MIN_KEYS_PER_CRYPT		MMX_COEF
 #define MAX_KEYS_PER_CRYPT		MMX_COEF
-#define GETPOS(i, index)		( (index)*4 + (i& (0xffffffff-3) )*MMX_COEF + (3-((i)&3)) )
+#define GETPOS(i, index)		( (index)*4 + ((i)& (0xffffffff-3) )*MMX_COEF + (3-((i)&3)) )
 #else
 #define MIN_KEYS_PER_CRYPT		1
 #define MAX_KEYS_PER_CRYPT		1
@@ -131,6 +131,7 @@ static void set_key(char *key, int index
 	{
 		total_len = 0;
 		memset(saved_key, 0, sizeof(saved_key));
+		memset(length, 0, sizeof(length));
 	}
 	len = strlen(key);
 	if(len>PLAINTEXT_LENGTH)


-- 
To unsubscribe, e-mail john-users-unsubscribe@...ts.openwall.com and reply
to the automated confirmation request that will be sent to you.

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ