Date: Wed, 20 Feb 2013 22:38:11 +0200
From: Milen Rangelov <gat3way@...il.com>
To: john-dev@...ts.openwall.com
Subject: Minor problem in ODF format

Hello,

While working on my odf plugin and using the jtr format as a reference, I noticed a minor problem that could cause false negatives with some documents.

Problem is here:

    BF_set_key(&bf_key, cur_salt->key_size, key);
    BF_cfb64_encrypt(cur_salt->content, output, 1024, &bf_key, ivec, &bf_ivec_pos, 0);
    SHA1_Init(&ctx);
    SHA1_Update(&ctx, output, 1024);
    SHA1_Final((unsigned char*)crypt_out[index], &ctx);

With certain documents (very small in size, e.g. just 1-2 short paragraphs) it is possible that the size of content.xml is less than 1024 bytes, and in that case there is no need to decrypt 1024 bytes and hash the result because the actual size is less than that (decryption is OK, but hashing would definitely produce a wrong result).

This can cause more problems earlier in the parsing code though, because we're reading out of bounds:

    p = strtok(NULL, "*");
    for (i = 0; i < 1024; i++)
        cs.content[i] = atoi16[ARCH_INDEX(p[i * 2])] * 16 +
            atoi16[ARCH_INDEX(p[i * 2 + 1])];

This is a minor problem, yet quite easy to fix.

Regards,
Milen
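
One way to close both issues described in the message, as an added example that is not from the original post or from the John the Ripper source: decode the hex content field with an explicit bound and record how many bytes were really present, so that length can replace the literal 1024 in the decrypt and hash calls. The names odf_salt, content_len, hexval and odf_parse_content are hypothetical.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define MAX_CONTENT 1024   /* at most the first 1024 bytes are used */

/* Hypothetical salt layout (assumption, not the project's struct). */
struct odf_salt {
    unsigned char content[MAX_CONTENT];
    size_t content_len;    /* bytes actually decoded, <= MAX_CONTENT */
};

static int hexval(char c)
{
    if (c >= '0' && c <= '9') return c - '0';
    if (c >= 'a' && c <= 'f') return c - 'a' + 10;
    if (c >= 'A' && c <= 'F') return c - 'A' + 10;
    return -1;             /* includes the terminating NUL */
}

/* Decode the hex content field. Stops at the end of the field (NUL or '*')
 * or after MAX_CONTENT bytes, whichever comes first. Returns 0 on success,
 * -1 on an empty field, an odd digit count or a non-hex character. */
int odf_parse_content(const char *field, struct odf_salt *cs)
{
    size_t n = 0;

    if (!field || !cs) return -1;
    memset(cs, 0, sizeof(*cs));
    while (n < MAX_CONTENT && field[2 * n] != '\0' && field[2 * n] != '*') {
        int hi = hexval(field[2 * n]);
        int lo = hexval(field[2 * n + 1]);  /* never read past the NUL */
        if (hi < 0 || lo < 0) return -1;
        cs->content[n++] = (unsigned char)(hi * 16 + lo);
    }
    if (n == 0) return -1;
    cs->content_len = n;   /* use this length for decryption and hashing */
    return 0;
}

int main(void)
{
    struct odf_salt cs;
    /* Constructed sample: a 5-byte content field, far below 1024 bytes. */
    if (odf_parse_content("3c3f786d6c", &cs) != 0) return 1;
    printf("decoded %zu bytes\n", cs.content_len);
    return 0;
}
```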