Date: Thu, 20 Aug 2015 12:13:18 +0800
From: Kai Zhao <>
Subject: Re: --test-full=0 crashes the Bitcoin format

On Thu, Aug 20, 2015 at 12:11 PM, Kai Zhao <> wrote:
> On Thu, Aug 20, 2015 at 3:54 AM, magnum <> wrote:
>> On 2015-08-06 18:38, Solar Designer wrote:
>>> Kai, magnum -
>>> Flag bugs aside, this feature as committed to magnum's jumbo triggers
>>> memory corruption:
>>> [ run]$ ./john --test-full=0
>>> [...]
>>> Testing: asa-md5, Cisco ASA [Cisco ASA (MD5 salted) 128/128 AVX 4x3]...
>>> PASS
>>> Testing: bfegg, Eggdrop [Blowfish 32/64]... (32xOMP) PASS
>>> Testing: Bitcoin [SHA512 AES 128/128 AVX 2x]... (32xOMP) *** glibc
>>> detected *** ./john: double free or corruption (!prev): 0x000000000224a770
>>> ***
>> I replaced the EVP stuff in bitcoin with our own aes.h stuff in 0e2beec and
>> have yet to trigger the bug since. Perhaps Kai can test it some more.
>> If we do get some variant of the problem again (I doubt it), it'll likely be
>> easier to debug and/or detected by ASan.
>> I'll open an issue for finding more uses of EVP and/or BIO that we can get
>> rid of. High-level stuff and abstraction layers are often Bad Ideas[tm] in
>> high-performance code anyway.
> I have run "./john --test-full=0 --format=bitcoin" about 500 times and
> it did crash.
> I think this bug is fixed. Thanks.

Sorry. "it did crash" -> "it did not crash"

I have run "./john --test-full=0 --format=bitcoin" about 500 times and
it did not crash. I think this bug is fixed.


