Date: Tue, 9 May 2006 22:39:07 +0400 From: Solar Designer <solar@...nwall.com> To: john-users@...ts.openwall.com Subject: Re: john --format=NT segfaults when using wrong password file format On Tue, May 09, 2006 at 08:14:46PM +0200, Frank Dittrich wrote: > When trying john --format=NT with an incorrectly > formatted password file, john segfaults: > > fd@fd:~/JtR/john-220.127.116.11-dummy/run> cat fdtest_LM-20 > 1:0123456789ABCDEF0123456789SBCDEF:0123456789ABCDEF9123456789ABCDEF > > fd@fd:~/JtR/john-18.104.22.168-dummy/run> ./john --show --format=NT fdtest_LM > Speicherzugriffsfehler OK, I think this should be sufficient information for whoever will look into this to reproduce the problem and fix the bug. I am not sure who will do that, though, since this contributed patch does not appear to have a maintainer currently. I'd rather invest my time into improving the code that is currently in the official JtR - and into adding more code in there. > symbols found)...(no debugging symbols found)...(no debugging symbols > found)... > Program received signal SIGSEGV, Segmentation fault. > 0x08061709 in MD4_Final () > gdb>bt > #0 0x08061709 in MD4_Final () > #1 0xbfffeb5c in ?? () I'm afraid that this is not useful at all. You'd need to rebuild with debugging symbols (-g) and with frame pointers (drop -fomit-frame-pointer) for the backtrace to be useful. It is obvious that the crash is _not_ in MD4_Final() and that the function was _not_ called from a location on the stack. > While this problem does not occur with correctly formatted password files, > a segfault should be avoided even if using arbitrary input. Indeed. But this is just a contributed patch. Thanks, -- Alexander Peslyak <solar at openwall.com> GPG key ID: B35D3598 fp: 6429 0D7E F130 C13E C929 6447 73C3 A290 B35D 3598 http://www.openwall.com - bringing security into open computing environments
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.