Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Thu, 13 Dec 2012 07:52:26 +0530
From: Dhiru Kholia <>
Subject: Re: krb5pa-sha1 crash

On Thu, Dec 13, 2012 at 3:25 AM, magnum <> wrote:
> Still can't reproduce. Are you running 32-bit? Make a debug build, throw it at gdb and tell me where it crashed.

I am using 64-bit Linux and I am able to reproduce the crash every
time. However, turning on debugging makes the crash go away.

✗ cat crashing-hash

Clang's asan crashes too but at a strange location.

ERROR: AddressSanitizer stack-buffer-overflow on address
0x7fff50cf4ff7 at pc 0x4cdcad bp 0x7fff50cf4cd0 sp 0x7fff50cf4cc8
WRITE of size 1 at 0x7fff50cf4ff7 thread T0
    #0 0x4cdcad in hmac_sha1_data /home/dsk/JohnTheRipper/src/gladman_hmac.c:87
Address 0x7fff50cf4ff7 is located at offset 567 in frame <derive_key>
of T0's stack:
  This frame has 5 object(s):
    [32, 52) 'uu'
    [96, 116) 'ux'
    [160, 324) 'c1'
    [384, 548) 'c2'
    [608, 772) 'c3'

Fixing this overflow might not (or might) solve the original problem.


Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.