Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Wed, 06 Jun 2012 12:40:24 +0200
From: magnum <>
Subject: RAR bug (was: off-list)

On 06/06/2012 11:02 AM, magnum wrote:
> On 06/05/2012 Solar Designer wrote:
>> Here's what I got:
>> $ ./john -w=password.lst -ru pw-rar
>> Loaded 1 password hash (RAR3 [32/64])
>> Self test failed (cmp_one(3))
>> This happened just once. Repeating the command did not reproduce it
>> (cracking started fine). I think the machine's hardware is fine. This
>> could be some bug in the code triggered by specific address layout.
>> (ASLR is enabled.)
> Yes, I have seen this occasionally. It happens with CPU or OpenCL code,
> and with OMP or not. I just can't find the reason! I have audited the
> code (I never hit the bug when debugging) and I can't see what could be
> wrong.

By the way, I think it is always cmp_one(3) and this means it's the -p 
-m3 test, that is the libclamav unrar code path that fails. I have 
looked at all initializations and I can't see anything amiss.

I know just a little about ASLR. I don't see how it could trigger a 
thing like this? Could it be a buffer overrun that only get serious with 
some layouts? Wouldn't the relative layout be the same within any 
segment, and within the stack?


Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.