Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Sun, 27 Jan 2013 20:08:29 +0100
From: magnum <john.magnum@...hmail.com>
To: john-dev@...ts.openwall.com
Subject: Re: getting rid of alloca() and variable-sized arrays

On 27 Jan, 2013, at 18:54 , Solar Designer <solar@...nwall.com> wrote:
> On Sun, Jan 27, 2013 at 06:43:10PM +0100, magnum wrote:
>> For portability reasons, or some other reason as well?
> 
> Also for reliability and (maybe later) for security reasons.  (I said
> "maybe later" because JtR -jumbo is insecure when faced with untrusted
> input now, and it is unclear if we'll ever fix that, although it'd be
> nice to do so.  We might instead document the risk - in fact, we should
> do that for next -jumbo.)
> 
> alloca() may bring the stack pointer outside of the stack area, and into
> some other area such as the heap.
> 
>> There are also some uses of variable-size arrays,
> 
> These are just as bad for security and reliability, and are even less
> portable.
> 
>> which boils down to the same thing. These are harder to just grep out but I can easily list them trying to do OMP with Apple's gcc :)
>> 
>> How do we get rid of them? Using stack arrays of maximum size that will ever be needed?
> 
> We'll need to review and revise the code on a case by case basis.
> When there's a clear maximum size and it's small enough, we can use
> fixed-size arrays on the stack (and do proper bounds checking).
> In other cases, we can allocate dynamic memory and MEM_FREE() it before
> the function returns.
> 
> I suspect that there are also cases where the allocation can be avoided
> altogether without complicating the code much (or even simplifying it).



Dhiru, I have a patch for this so don't bother with it (most of them were your formats). I just need to test it more. For all cases except GPG, fixed size arrays are fine. For GPG, malloc/free does not hurt performance at all.

BTW now that I can build OMP with llvm I can confirm the krb5-23 problem is still there.

magnum

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.