Date: Thu, 16 May 2013 13:03:39 -0500 From: "jfoug" <jfoug@....net> To: <john-dev@...ts.openwall.com> Subject: RE: missing parentheses in dynamic_fmt.c The problem was a MD5-x2 bug. In the X2, there were 2 inputs getting 0x10 bytes written to them. But one of them was not getting the length set. So in self test: 1 pw was set. But in the MD5 2 input buffers written to. We only set length of the first to 16 bytes. The other was left at 0. Then the test with 2 pw's. The cleanup still saw the end input buffer as being empty, so did not properly clean it up, and thus, a 5 byte password had 11 bytes of crap left over from the first dual md5 crypt. I simply removed the check for the value being past 'count'. It can be past count in the 2x md5 mode. It did take a bit of stepping to find the bug, along with it is sort of hard to get 2x md5 in my vc test environment. I link an x86.o file built by cygwin (which has MD5_body), and MD5_std.c also has MD5_body (for the 2X builds). So I had to #define change the name of the one in MD5_std.o to get link to work, but once I got that done and linked properly, I was able to find the problem with a little stepping and digging. Jim. From: magnum Sent: Thursday, May 16, 2013 6:52 >On 16 May, 2013, at 13:04 , Jeremi Gosney <epixoip@...dshell.nl> wrote: >> On 05/16/2013 03:39 AM, magnum wrote: >>> On 16 May, 2013, at 11:46 , Jeremi Gosney <epixoip@...dshell.nl> wrote: >>>> dynamic_fmt.c is missing a right parentheses on line 697 that >>>> prevents it from compiling on big endian. >>>> >>>> #if !ARCH_LITTLE_ENDIAN >>>> - memset(input_buf_X86, 0, FLAT_INP_BUF_SZ; >>>> + memset(input_buf_X86, 0, FLAT_INP_BUF_SZ); >>>> #endif >>>> >>> Committed, thank you. Does it pass a "-t=0 -form=dynamic" on BE after this fix? >>> >>> magnum >> >> All formats except dynamic_1300 pass their self-tests, which IIRC is a known issue. > >Thanks. Dynamic_1300 was fixed in 19992ec, 4 days ago but Jim probably hasn't tried it on BE yet. I'll create an issue on GitHub. > >Oh, I see now it doesn't work with a -generic build on x86 either. So it's not an endian problem. Download attachment "JtR-Dyna_1300_generic_X2_fix.patch" of type "application/octet-stream" (547 bytes)
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.