Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 18 Sep 2015 18:54:41 +0200
From: magnum <john.magnum@...hmail.com>
To: john-dev@...ts.openwall.com
Subject: Re: larger bitmaps and hash tables

On 2015-09-16 19:44, Solar Designer wrote:
> On Wed, Sep 16, 2015 at 07:09:23PM +0200, magnum wrote:
>> On 2015-09-16 19:02, magnum wrote:
>>> BTW we now get some warnings from clang and/or with 32-bit builds.
>>>
>>> loader.c:211:18: warning: comparison of unsigned expression >= 0 is
>>> always true
>>>        [-Wtautological-compare]
>>>          } while (--size >= 0);
>>>                   ~~~~~~ ^  ~
>>> loader.c:212:11: warning: comparison of unsigned expression < 0 is
>>> always false
>>>        [-Wtautological-compare]
>>>          if (size < 0)
>>>              ~~~~ ^ ~
>>
>> And gcc 4.8, 64-bit:
>>
>> loader.c: In function 'ldr_load_pw_line':
>> loader.c:208:41: warning: array subscript is above array bounds
>> [-Warray-bounds]
>>     func = db->format->methods.binary_hash[size];
>
> This last one might be related to the "while (--size >= 0);", which no
> longer stops the loop when size was already 0.  It might be a real bug
> that would show up if we set PASSWORD_HASH_SIZE_FOR_LDR lower.

It was worse than that, it was definitely a bug. I'm surprised it worked 
at all. I committed a fix separating the signed int used for the loop 
from the size_t used for the alloc.

BTW in case we start using mem_calloc we won't need that size_t at all, 
we'd just do

	db->password_hash = mem_calloc(password_hash_sizes[size],
	    sizeof(struct db_password *));

magnum

Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.