Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 27 Jun 2012 23:47:37 +0400
From: Solar Designer <>
Subject: Re: RAR cmp_one(3) failures

On Wed, Jun 27, 2012 at 09:42:51PM +0200, magnum wrote:
> Oh. But the very first time it's called, we are in the self-test with a
> crypt_all(1), right? So there should only be one thread.

No, we're in there with crypt_all(3), and we're running 4 threads.
This also explains why I was unable to trigger the bug with fewer than 4

> I'm extremely happy if we can kill this bug!

Me too.  Patch attached.

Sorry for this counter-intuitive CRC32_Init() interface, which mimics
OpenSSL's thread-safe interfaces but actually is not...  I actually knew
of this limitation many years ago when I wrote this code, but of course
I did not recall until I debugged it the hard way today.


View attachment "john-rar-crc32-race.diff" of type "text/plain" (431 bytes)

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.