Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 16 Jan 2012 23:47:30 +0400
From: Solar Designer <solar@...nwall.com>
To: john-dev@...ts.openwall.com
Subject: Re: Recent CVS patches

On Mon, Jan 16, 2012 at 08:36:23PM +0100, magnum wrote:
> There is now such a branch on GutHub. There are a couple of issues that
> popped up due to the new alignments and self tests. This is probably a
> good thing and I'll look into them but right now I don't really get how
> things are supposed to go together. Take for example BFEgg:
> 
> It fails with "FAILED (binary)" because the binary is misaligned. But
> that is because fmt_default_binary just pass the ciphertext pointer, so
> if something is misaligned it's not because of BFEgg - or is it? And
> who/what says BFEgg needs alignment in the first place? I believe it
> doesn't.

You seem to be right.  The alignment requirements in the self-tests in
the current CVS tree are too strict.

binary_hash*() often requires alignment, so this requirement is now
being imposed on binary()'s return value, which the loader may pass
directly into binary_hash*().  However, BFEgg's binary_hash*() does not
have this requirement.

How do you suggest we deal with this?  Introduce FMT_* flags that tell
the self-tests that misalignment of binary and/or salt is OK?  Or simply
drop this test for all?

I primarily wanted to introduce a test that the declared sizes are
sufficient.  I had a bug in a revision of trip_fmt.c where the declared
BINARY_SIZE was smaller than what the code actually relied on, and this
bug was not detected by self-tests prior to my recent changes to them.
So I introduced memory allocations and memcpy() just to the declared
size, and while I was at it I also introduced those alignment tests.

Thanks,

Alexander

Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.