Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sat, 30 Jun 2012 05:42:48 -0500
From: "jfoug" <>
To: <>
Subject: RE: asan report

>From: magnum []
>Attached is a diff showing what I mean. But the same problem is also in
>all the hard-coded test vectors. Should we really fix this?

I was not even thinking of this one (but it certainly is another example).  

What I was thinking of doing, was to have a stack buffer, and strcpy the key
into this, prior to sending it to fmt->set_key();

Also, your null could simply have been 

char null[8] = {0};

All of the code I know about, would look up to 4 bytes past end of buffer
(if buffer was "").  It is all in SSE code.  But setting it to be 8 bytes,
would not hurt anything, and then if we later used 8 bytes (not sure we
would), then we would be covered.  No reason to alloc this.

For the key setting from the static data for a format test, I was thinking
something like:



+ 	strcpy(PW, current->plaintext);
+ 	format->methods.set_key(PW, index);
- 	format->methods.set_key(current->plaintext, index);

But as you mentioned on another thread, we may have to honor aligned, so PW
would need either allocated, or a pointer that points to the first align
boundary within PW.


Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.