Message-ID: <CAHFR4j6X7AyrAMZRkqQGiUK4qAGEAEFOZLSPGPfORK5nYFT_0A@mail.gmail.com>
Date: Sun, 17 Jun 2012 10:59:00 +0400
From: "Elijah [W&P]" <smarteam.support@...il.com>
To: john-dev@...ts.openwall.com
Subject: Re: RAR bug (was: off-list)

Just testing the cygwin (win32_sse2) build with OMP enabled now, and this
rar format is behaving strangely - john -test sometimes goes fine and
sometimes fails.

>$ ../run/john -test -format=rar
>Benchmarking: RAR3 (4 characters) [32/32]... (4xOMP) DONE
>Raw:    172 c/s real, 62.6 c/s virtual
>
>$ ../run/john -test -format=rar
>Benchmarking: RAR3 (4 characters) [32/32]... (4xOMP) FAILED (cmp_one(3))
>
>$ ../run/john -test -format=rar
>Benchmarking: RAR3 (4 characters) [32/32]... (4xOMP) FAILED (cmp_all(4))
>
>$ ../run/john -test -format=rar
>Benchmarking: RAR3 (4 characters) [32/32]... (4xOMP) DONE
>Raw:    178 c/s real, 64.5 c/s virtual


On 6 June 2012 14:40, magnum <john.magnum@...hmail.com> wrote:

> On 06/06/2012 11:02 AM, magnum wrote:
>
>> On 06/05/2012 Solar Designer wrote:
>>
>>> Here's what I got:
>>>
>>> $ ./john -w=password.lst -ru pw-rar
>>> Loaded 1 password hash (RAR3 [32/64])
>>> Self test failed (cmp_one(3))
>>>
>>> This happened just once. Repeating the command did not reproduce it
>>> (cracking started fine). I think the machine's hardware is fine. This
>>> could be some bug in the code triggered by specific address layout.
>>> (ASLR is enabled.)
>>>
>>
>> Yes, I have seen this occasionally. It happens with CPU or OpenCL code,
>> and with OMP or not. I just can't find the reason! I have audited the
>> code (I never hit the bug when debugging) and I can't see what could be
>> wrong.
>>
>
> By the way, I think it is always cmp_one(3) and this means it's the -p -m3
> test, that is the libclamav unrar code path that fails. I have looked at
> all initializations and I can't see anything amiss.
>
> I know just a little about ASLR. I don't see how it could trigger a thing
> like this? Could it be a buffer overrun that only gets serious with some
> layouts? Wouldn't the relative layout be the same within any segment, and
> within the stack?
>
> magnum
>
>
