Date: Sat, 04 May 2013 11:26:22 +0400
From: Alexander Cherepanov <cherepan@...me.ru>
To: john-dev@...ts.openwall.com
Subject: Re: Yet more crashes

On 2013-05-03 01:47, jfoug wrote:
> Dynamic cannot be 'fixed' to be crash proof. Since any user can create any
> format, bad or not, there is simply no way, unless dynamic checked every
> byte written, each time, which would cripple the format.
>
> I could chase my tail forever, fixing specifically formatted purposeful
> garbage, only to have the format still be just as open as it is today.
> Anyone can create a dynamic script that crashes. Here is an example, there
> are infinite number of these ;)

What you talk about is also an interesting problem but it's a completely
different problem.

Configs are trusted content. When john crashes on a config with user's
changes that's the question of convenience. It would be nice for john to
emit a user-friendly warning in this case instead of a crash but it's not
very important.

OTOH hashes are untrusted content. They are coming from outside, usually
in some automated way. And user doesn't control lengths of various
fields -- s/he doesn't even look at them, right? Even if s/he looks at
them, s/he doesn't know limits for various parts of a hash in john.

One can think of a forensic researcher / pentester as a predator hunting
a defenceless prey but the situation can easily be turned upside down --
cf. anti-forensics / counter-forensics.

Crashes are not only DoS on john but some of them are indications of
exploitable vulnerabilities leading to code execution. I've not yet
sorted them out though.

But don't take me wrong -- I'm not implying in any way that you must fix
all crashes in dynamic, that someone else must do something else in john
or that all crashes must be fixed before release.

-- 
Alexander Cherepanov