Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sun, 6 Sep 2015 13:40:50 -0500
From: JimF <jfoug@....net>
To: john-dev@...ts.openwall.com
Subject: Re: auditing our use of FMT_* flags

These formats 100% handle this flag properly.  They just do not set it 
into their
format structure in a static manner.   If you add it (certainly can), it 
will not make
it any more or less likely to actually honor the flag setting in the end.
It is set and honored because of the way which dynamic works. I HAVE to
handle this programmatically within dynamic, because I do not know which
formats can/should have it set until I see them. Dyna will always set 
this flag,
UNLESS it can not, such as a base-64 hash, or IIRC a couple other instances.
So when the the 'thin' format passes it's format structure to the function
within dynamic which actually 'links' dynamic to the format structure 
(setting
function pointers, setting lengths and other params), this flag is handled,
based upon what dynamic can glean from the format itself.

This particular issue was talked through fully a while back (month ago?)

 > I expect that we have many formats that don't handle

I think that expectation is likely not valid. Kai did find a couple, but 
most
of this was cleaned up by Frank, the resident bug sniffer last fall.

On 9/6/2015 1:25 PM, Solar Designer wrote:
> Kai, magnum, Jim -
>
> I primarily address this reply to Kai, but I'd like at least magnum and
> Jim to read it as well, and to help with further discussion.
>
> On Thu, Aug 27, 2015 at 10:40:12AM +0800, Kai Zhao wrote:
>> On Tue, Jul 28, 2015 at 10:03 AM, Kai Zhao <loverszhao@...il.com> wrote:
>>> Finally, there are no formats have obvious problems with
>>> FMT_SPLIT_UNIFIES_CASE flag. But there are 3 formats: MediaWiki,
>>> >clip<

Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.