[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sat, 30 Jun 2012 12:52:36 +0200
From: magnum <john.magnum@...hmail.com>
To: john-dev@...ts.openwall.com
Subject: Re: asan report
On 2012-06-30 12:42, jfoug wrote:
>> From: magnum [mailto:john.magnum@...hmail.com]
>> Attached is a diff showing what I mean. But the same problem is also in
>> all the hard-coded test vectors. Should we really fix this?
>
> I was not even thinking of this one (but it certainly is another example).
>
> What I was thinking of doing, was to have a stack buffer, and strcpy the key
> into this, prior to sending it to fmt->set_key();
Yes my code was just an example. I think we should do a set_key_wrapper
that works like you say that is used in the self tests (fixes the test
vectors too). Though it will affect benchmark speeds.
> Also, your null could simply have been
>
> char null[8] = {0};
>
> All of the code I know about, would look up to 4 bytes past end of buffer
> (if buffer was ""). It is all in SSE code. But setting it to be 8 bytes,
> would not hurt anything, and then if we later used 8 bytes (not sure we
> would), then we would be covered. No reason to alloc this.
We need to alloc the full length, for formats that do memcpy(d, s,
PLAINTEXT_LENGTH)
magnum
Powered by blists - more mailing lists
Confused about mailing lists and their use?
Read about mailing lists on Wikipedia
and check out these
guidelines on proper formatting of your messages.
