Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 25 Mar 2015 22:52:13 +0800
From: Kai Zhao <>
Subject: Re: Ideas for the robustness gsoc task

Below is the current ideas for the robustness gsoc task. Is it right?
Note: I changed "- fuzz chr files"  ->  "- fuzz those listed sources of
input data"

Fixing input data handling

- List sources of input data and classify its trustworthiness (discuss in
  Preliminary, from untrusted to less untrusted:

-- input data for 2john tools
-- hashes
-- wordlists
-- rules
-- chr
-- config files (non-rules parts)
-- command line options
-- environment variables

- Review and revamp valid(), salt() etc. in all(?) formats:

- Review wordlist loading and rules application

- Review handling of other input data

- Review other parts of the code

- fuzz those listed sources of input data

- (Dynamic analysis and Fuzzing) Build for different platforms: at least
32-bit, ideally big-endian

- Test with increased LINE_BUFFER_SIZE



Content of type "text/html" skipped

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.