Date: Mon, 10 Sep 2012 18:43:53 +0200
From: magnum <>
Subject: Re: Cracking Office 2013 files with JtR

On 2012-09-10 18:34, Dhiru Kholia wrote:
> -  inputBuf = (unsigned char *)malloc(0x14 + 0x04);
> + inputBuf = (unsigned char *)malloc(0x14 + 0x04 + 4);
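
Review bot: the added "+ 4" in malloc(0x14 + 0x04 + 4) is an unexplained magic number, written in decimal next to two hex terms, so the line does not say what the four extra bytes hold or why the old size was too small. Replace the three terms with named constants or add a one-line comment stating what each part of the buffer is for, and check the malloc() result before use if the surrounding code does not already do so.
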
> Some time back, I was thinking of getting rid of these malloc altogether.

Yeah, they are small enough they could be stack variables. I'm still
digging around in the code, I may be posting more patches. It's a good
way to get a feel for the code, so I can start writing the OpenCL format :)

> static unsigned char *DeriveKey(unsigned char *hashValue)
> {
>         ...
>         X1 = (unsigned char *)malloc(20);
>         ...
>         return X1;
> }
> DeriveKey function can be changed so that it writes to a given static
> buffer (Office 2010 and 2013 code path do it this way). No possibility
> of memory leak then.
> (3) Same applies for "static unsigned char*
> GeneratePasswordHashUsingSHA1" function.

I guess statics would be problematic for OMP, we need to pass buffer
pointers from the caller here too.

BTW, I just now committed some assertions (well, just warning output) in
case DeriveKey() ends up not returning X1. Could that happen at all? If
not, no harm done. If it *can* happen, we will now rather warn than
segfault :)

I'll also verify all test hashes Rich supplied, or did you do that already?
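
The buffer question discussed above, as an added example that is not JtR code and not part of the original message: a static return buffer removes the leak but is shared by every caller (and so by every OpenMP thread), while a caller-supplied buffer is neither leaked nor shared. The function names and the mix() routine are hypothetical stand-ins for the derivation the thread elides.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define KEY_LEN 20 /* same size as the malloc(20) in the quoted DeriveKey() */

/* Constructed stand-in for the real derivation, which the thread elides. */
static void mix(const unsigned char *in, unsigned char *out)
{
    uint32_t s = 0x811c9dc5u;
    for (size_t i = 0; i < KEY_LEN; i++) {
        s = (s ^ in[i]) * 16777619u;
        out[i] = (unsigned char)(s >> 24);
    }
}

/* Static-buffer shape: no leak, but all callers share one buffer. */
static unsigned char *derive_key_static(const unsigned char *hash)
{
    static unsigned char X1[KEY_LEN];
    mix(hash, X1);
    return X1;
}

/* Caller-buffer shape: nothing to free, nothing shared between threads. */
static void derive_key_buf(const unsigned char *hash, unsigned char out[KEY_LEN])
{
    mix(hash, out);
}

/* Returns 1 if a second call overwrote the first caller's result. */
int static_version_clobbers(void)
{
    unsigned char a[KEY_LEN], b[KEY_LEN], saved[KEY_LEN];
    memset(a, 0x11, sizeof a); /* constructed sample hashes */
    memset(b, 0x22, sizeof b);
    unsigned char *k1 = derive_key_static(a);
    memcpy(saved, k1, KEY_LEN);
    unsigned char *k2 = derive_key_static(b);
    return k1 == k2 && memcmp(saved, k1, KEY_LEN) != 0;
}

/* Returns 1 if per-caller buffers keep independent, repeatable results. */
int buffer_version_independent(void)
{
    unsigned char a[KEY_LEN], b[KEY_LEN];
    unsigned char k1[KEY_LEN], k2[KEY_LEN], again[KEY_LEN];
    memset(a, 0x11, sizeof a);
    memset(b, 0x22, sizeof b);
    derive_key_buf(a, k1);
    derive_key_buf(b, k2);
    derive_key_buf(a, again);
    return memcmp(k1, k2, KEY_LEN) != 0 && memcmp(k1, again, KEY_LEN) == 0;
}

int main(void)
{
    return !(static_version_clobbers() && buffer_version_independent());
}
```

The clobbering is shown here with two sequential calls; under OpenMP the same overwrite happens between threads, with no fixed ordering.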

