Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Tue, 7 Jun 2011 22:41:43 -0700
From: Dhiru Kholia <dhiru.kholia@...il.com>
To: john-dev@...ts.openwall.com
Subject: Re: 1.7.7-jumbo-6

2011/6/7 Solar Designer <solar@...nwall.com>:
>> On Tue, Jun 7, 2011 at 9:12 PM, Solar Designer <solar@...nwall.com> wrote:
>> >> $ ./john ../src/unused/sshdump
>> >> Loaded 2 password hashes with 2 different salts (ssh [32/64])
>> >> *** glibc detected *** double free or corruption (!prev): 0x000000001f5e0410 ***
>> >> Aborted
>>
>>
>> Which machine and what version of OpenSSL are you using? It is Owl 3?
>> I am setting up a Owl 3 VM again. Will try to replicate this there.
>
> Yes, that was an Owl 3'ish system with OpenSSL 0.9.7m and a custom build
> of gcc 4.5.0.  x86_64, 8 logical CPUs (so 8 threads).
>
> --test --format=ssh doesn't fail, but gives rather poor performance
> (similar to that of a single thread), which might be related to the same
> problem (the threads accessing the same memory pages).

I have managed to replicate the problem on Ubuntu 11.04 which uses
openssl (0.9.8o-5ubuntu1) with OpenMP enabled.
http://packages.ubuntu.com/natty/openssl
Even removing all free calls from program doesn't prevent the crash
from happening.

1. What about limiting the patch to OpenSSL 1.0.0 series (which
hopefully works!)?
2. What about building 0.9.8r and testing against that?

Will test out option 2 tomorrow morning.

-- 
Cheers,
Dhiru

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.