Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 3 Aug 2012 04:43:45 +0400
From: Solar Designer <>
Subject: Re: Wordlist memory corruption - 1.7.9-jumbo-6

Guth, Jim, magnum -

On Wed, Aug 01, 2012 at 01:14:25PM +0200, Guth wrote:
> It seems that jtr segfault/corrupt memory on wordlist attacks under some
> circonstances:
> guth[run]$ ./john
> John the Ripper password cracker, ver: 1.7.9-jumbo-6 [linux-x86-64-native]

Yes.  wordlist.c in jumbo is extremely dirty.  I think we should
reimplement all changes made to it (relative to its revision in 1.7.9
release) in a cleaner fashion.

> guth[run]$ cat -e polish_rev_2
> ^Mzciwonakaba$
> ^Mruzaba$

I am able to reproduce the crash using this wordlist, thanks.

The bug appears to be that at first lines are counted looking for just
one of the CR or LF characters, and the words[] array is allocated
accordingly, but then either character terminates the word and thus
requires a words[] array element for the next word.


Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.