Date: Wed, 25 Mar 2015 22:52:13 +0800 From: Kai Zhao <loverszhao@...il.com> To: john-dev@...ts.openwall.com Subject: Re: Ideas for the robustness gsoc task Below is the current ideas for the robustness gsoc task. Is it right? Note: I changed "- fuzz chr files" -> "- fuzz those listed sources of input data" Fixing input data handling ~~~~~~~~~~~~~~~~~~~~~~~ - List sources of input data and classify its trustworthiness (discuss in john-dev). Preliminary, from untrusted to less untrusted: -- input data for 2john tools -- hashes -- wordlists -- rules -- chr -- config files (non-rules parts) -- command line options -- environment variables - Review and revamp valid(), salt() etc. in all(?) formats: - Review wordlist loading and rules application - Review handling of other input data - Review other parts of the code - fuzz those listed sources of input data - (Dynamic analysis and Fuzzing) Build for different platforms: at least 32-bit, ideally big-endian - Test with increased LINE_BUFFER_SIZE Thanks Kai Content of type "text/html" skipped
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.