Date: Tue, 31 May 2011 01:27:41 +0200 From: magnum <rawsmooth@...dband.net> To: john-dev@...ts.openwall.com Subject: Re: John 1.7.7-jumbo-5 On 2011-05-27 17:05, jfoug wrote: > I believe that the code as released (jumbo-5-RC7) has all changes in it, > and this version should be built and tested as hopefully THE release to > become a public Jumbo-5 release. A couple of new bugs were found/fixed as the test suite evolved. I just uploaded john-1.7.7-jumbo-5-RC7-bugfixes.diff.gz to the wiki, containing the following fixes: * Truncation fixes for NT and mscash (UTF-8 only). This fixes a problem where some kinds of very long plaintexts could trash another candidate in the key buffer. * A similar (also UTF-8 only) bug in both mssql and mssql05 set_key() that could write past buffer. * One fix from the NT and mscash patch also propagated to the shared unicode function: We need to fail/truncate at all malformed UTF-8, but we didn't when encountering characters higher than U+FFFF. Related to this, Jim showed that the maximum UTF-8 octets for one UCS-2 character is 3, not 4 and this is now changed in saved_plain buffers in a couple of formats (helping memory footprint). * Raw-md5-unicode max length bumped to 27 characters (it was 53 octets for some odd reason, failing the "standard" test suite length of 27 chars) * #ifdef fixes for a couple of formats (though that "bug" would only surface if someone wanted to experiment with turning off an optimisation for hmac_md5 that I made optional) I know of no more outstanding issues. magnum
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.