Date: Wed, 29 Oct 2008 20:19:18 +0100
From: Till Maas <opensource@...l.name>
To: john-users@...ts.openwall.com
Subject: [PATCH] avoid stack smash for NETHALFLM / NET(HALF)LM cleanup

Hiyas,

john --test --format=NETHALFLM crashed on my Fedora system because of a 
smashed stack. The array lm was not big enough to hold the full key that is 
assigned to it with setup_des_key afaics. Attached is a patch that changes 
lm[7] to lm[8].

I used john-1.7.3.1 and john-1.7.3.1-all-5.diff.gz.

Btw. is there more documentation available about writing format extensions for 
john except the formats.h?

Also it should be possible to merge NETHALFLM_fmt.c and NETLM_fmt.c, because 
they are almost identical except for some constants and some improvements to 
NETHALFLM_fmt.c, that were not merged into NETLM_fmt.c. I am not an 
experienced C-programmer, so the best way to do this for me would be to create a 
file that contains all the common code, and only keep the #defines in the 
*_fmt.c files and then #include the common code. Would this be good or is 
there a better way to do this?


Regards,
Till

View attachment "john-1.7.3.1-all-5-NETHALFLM-stack-smash.patch" of type "text/x-diff" (642 bytes)
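
The size mismatch described in the message, as an added C example that is not part of the original post or of John's source: DES keys and blocks are 8 bytes, so a 7-byte destination is one byte short. `expand_des_key`, its length check and the sample key are hypothetical, modelled on the common 56-bit to 8-byte key expansion used for LM-style hashes.

```c
#include <stddef.h>
#include <string.h>

#define DES_KEY_BYTES 8  /* DES keys and blocks are always 8 bytes */

/* Hypothetical helper (not John's setup_des_key): spread 56 key bits over
 * 8 bytes. The low bit of each output byte is the DES parity position,
 * which the DES key schedule ignores. Nothing is written unless the
 * destination can hold all 8 bytes. */
int expand_des_key(const unsigned char key56[7], unsigned char *out, size_t out_len)
{
    unsigned char k[DES_KEY_BYTES];

    if (out == NULL || out_len < DES_KEY_BYTES)
        return -1;  /* a 7-byte array such as lm[7] is rejected here */

    k[0] = key56[0];
    k[1] = (unsigned char)((key56[0] << 7) | (key56[1] >> 1));
    k[2] = (unsigned char)((key56[1] << 6) | (key56[2] >> 2));
    k[3] = (unsigned char)((key56[2] << 5) | (key56[3] >> 3));
    k[4] = (unsigned char)((key56[3] << 4) | (key56[4] >> 4));
    k[5] = (unsigned char)((key56[4] << 3) | (key56[5] >> 5));
    k[6] = (unsigned char)((key56[5] << 2) | (key56[6] >> 6));
    k[7] = (unsigned char)(key56[6] << 1);

    memcpy(out, k, DES_KEY_BYTES);
    return 0;
}

/* Constructed check: a 7-byte destination followed by a guard byte.
 * Returns 1 when the short buffer is refused and the guard is untouched. */
int short_buffer_is_rejected(void)
{
    static const unsigned char key56[7] = {0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD};
    struct { unsigned char lm[7]; unsigned char guard; } s;

    memset(&s, 0, sizeof s);
    s.guard = 0xA5;
    return expand_des_key(key56, s.lm, sizeof s.lm) == -1 && s.guard == 0xA5;
}

int main(void)
{
    return short_buffer_is_rejected() ? 0 : 1;
}
```

Passing `sizeof` of the destination at every call site turns the one-byte overrun into a checked error instead of relying on the stack protector to catch it at run time.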
