Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 16 Apr 2013 20:12:38 +0200
From: magnum <john.magnum@...hmail.com>
To: john-dev@...ts.openwall.com
Subject: Re: simple issue to possibly fix

On 16 Apr, 2013, at 18:40 , jfoug <jfoug@....net> wrote:
> From: johnuser [mailto:johnuser1243@...oo.com] 
>> [quote]
>> You should be able to fix that. Look in dynamic_utils.c, around line 165.
>> 
>> Code:
>> 
>> cpx += sprintf(cpx, "%x", *cp++);
>> 
>> should be
>> 
>> cpx += sprintf(cpx, "%02x", *cp++);
>> [/quote]
> 
> That is certainly a bug, and appears that the %02x is the proper fix.  The
> size of the buffer already had enough bytes added (double compute of the
> strlen(cp)), so there is enough memory. The %x worked fine for any byte
> larger than 0x0F.  However, lower bytes that were mangled as shown, and my
> testing during development did not catch this.
> 
> This was a somewhat 'late' addon, to work around other issues, like ':', \r
> \n (and even '$') being in the salt, which were breaking the .pot file.  

Fix is committed.

magnum

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.