Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <012901cd58d2$a6db2a90$f4917fb0$@net>
Date: Mon, 2 Jul 2012 23:16:42 -0500
From: "jfoug" <jfoug@....net>
To: <john-dev@...ts.openwall.com>
Subject: RE: plans for 1.7.9-jumbo-7, new formats interface, 1.8

Speaking of Radmin,  I get this when running under VC, in debug mode (has
stack checking on by default).  (-test=0)

Benchmarking: RAdmin v2.x MD5 [32/32]... 
(0) : Run-Time Check Failure #2 - Stack around the variable 'input' was
corrupted.
(0) : Run-Time Check Failure #2 - Stack around the variable 'ctx' was
corrupted.
(0) : Run-Time Check Failure #2 - Stack around the variable 'input' was
corrupted.
(0) : Run-Time Check Failure #2 - Stack around the variable 'ctx' was
corrupted.
(0) : Run-Time Check Failure #2 - Stack around the variable 'input' was
corrupted.
(0) : Run-Time Check Failure #2 - Stack around the variable 'ctx' was
corrupted.
(0) : Run-Time Check Failure #2 - Stack around the variable 'input' was
corrupted.
(0) : Run-Time Check Failure #2 - Stack around the variable 'ctx' was
corrupted.
(0) : Run-Time Check Failure #2 - Stack around the variable 'input' was
corrupted.
(0) : Run-Time Check Failure #2 - Stack around the variable 'ctx' was
corrupted.
(0) : Run-Time Check Failure #2 - Stack around the variable 'input' was
corrupted.
(0) : Run-Time Check Failure #2 - Stack around the variable 'ctx' was
corrupted.
(0) : Run-Time Check Failure #2 - Stack around the variable 'input' was
corrupted.
(0) : Run-Time Check Failure #2 - Stack around the variable 'ctx' was
corrupted.
DONE
Raw:    4294M c/s

So somewhere, we have some memory issues.  When I run a -test=1 -form=radmin
I get a ton more of those messages.  From the 2 vars, it looks like
something in crypt_all.

One other big issue I see here, is when you allocate crypt_out, it MUST be
done MEM_ALIGN_WORD.  You later access this as a ARCH_WORD_32. On systems
that do not allow unaligned access (sparc for one), it will core.

Jim.

>-----Original Message-----
>From: Dhiru Kholia [mailto:dhiru.kholia@...il.com]
>Sent: Monday, July 02, 2012 10:31 PM
>To: john-dev@...ts.openwall.com
>Subject: Re: [john-dev] plans for 1.7.9-jumbo-7, new formats interface,
>1.8
>
>On Tue, Jul 3, 2012 at 5:19 AM, magnum <john.magnum@...hmail.com> wrote:
>> On 2012-07-03 01:08, Solar Designer wrote:
>>> I think that it would be good for us to release a 1.7.9-jumbo-7 with
>>> little more than bugfixes for issues found in -6, in 1-2 weeks from
>now.
>>
>> We have kept all the hazard stuff in bleeding-jumbo. I think Dhiru
>> added one or two formats. Dhiru, are these safe for old versions of
>> OpenSSL and so on?
>
>Radmin format shoule be safe for old version of OpenSSL and hence it not
>a plug-un. pfx format is not a plug-in and has a check for old version
>of OpenSSL (someone needs to test it though).
>
>Both can go in jumbo-7. No problems.
>
>> We'll just use bleeding for the crazy stuff for now, and start a third
>> branch only if/when needed. Dhiru, please confirm: From now on push to
>> bleeding if you are unsure, or consult the lists.
>
>Okay, I won't have any more patches for a while.
>
>--
>Cheers,
>Dhiru

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.