Date: Fri, 8 Jul 2016 19:14:19 +0200 From: magnum <john.magnum@...hmail.com> To: john-dev@...ts.openwall.com Subject: Re: rules.c bug/feature On 2016-07-08 15:53, Solar Designer wrote: > On Fri, Jul 08, 2016 at 04:19:20PM +0300, Solar Designer wrote: >> On Fri, Jul 08, 2016 at 02:24:58PM +0200, magnum wrote: >>> On 2016-07-06 18:27, Solar Designer wrote: >>>> in[RULE_WORD_SIZE - 1] = 0; >>>> >>>> Is this somehow broken? We should identify the issue and fix it if so. >>> >>> Sounds good, but then it must be broken somehow. The memcpy in 'd' did >>> blow the buffer and overwrote rules_data.classes and I verified this >>> happens in John proper too. I'm not sure why but I'll let you handle it. >> >> You're right. I didn't bother reproducing it, but I think I know what >> the problem is: when I introduced the "length" variable some years ago, >> I forgot to update the loop logic to clamp not only the buffer but also >> this integer variable to the maximum length. I think the attached patch >> should fix it. I'll test and commit it. > > Committed. Merged to Jumbo now. Thanks! magnum
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.