Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 10 Sep 2012 18:46:11 +0200
From: magnum <>
Subject: Re: Cracking Office 2013 files with JtR

On 2012-09-10 18:43, magnum wrote:
> On 2012-09-10 18:34, Dhiru Kholia wrote:
>> DeriveKey function can be changed so that it writes to a given static
>> buffer (Office 2010 and 2013 code path do it this way). No possibility
>> of memory leak then.
>> (3) Same applied for "static unsigned char*
>> GeneratePasswordHashUsingSHA1" function.
> I guess statics would be problematic for OMP, we need to pass buffer
> pointers from the caller here too.

On second thought, that is precisely what you wrote :-)


Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.