Date: Wed, 27 Jun 2012 20:32:55 +0400 From: Solar Designer <solar@...nwall.com> To: john-dev@...ts.openwall.com Subject: RAR cmp_one(3) failures (was: Raw SHA-1 and RAR3 SHA-1 AES FAILed self test on 32bit linux OMP builds) On Thu, Jun 21, 2012 at 11:39:54PM +0200, magnum wrote: > The RAR format actually has a known bug, it will sometimes fail at > cmp_one(3) and I will give a beer to anyone that finds the culprit. It's > present in non-OMP CPU-only builds and any other ones too. But the > moment I grab my debugger, the bug crawls back under its' stone and > hides until I give up. > > I just *hope* that if you pass the self-test, you will actually be safe > running a crack, but I am not sure. I have never seen a false negative > once passing self-test. > > BTW, cmp_one(3) indicates the problems is with normal (-m3) -p archives, > that is, deflated ones without encrypted headers. So the problem *might* > be within unrar.c (the clamav stuff) or the inititalization / use of it. > I have gone through all of it a dozen times and I just can't find the > problem. For me, the problem is now triggerable after about 10 or 20 invocations of the OpenMP build, regardless of whether ASLR is enabled or not. It is _not_ triggerable in a non-OpenMP build on the same machine, again regardless of ASLR. Of course, this does not mean it would not appear in a non-OpenMP build on another system. Alexander
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.