john-dev - Re: fixing the valid() methods

Follow @Openwall on Twitter for new release announcements and other news

[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]

Message-ID: <618cbe012e36509ca24a2300569cbbfa@smtp.hushmail.com>
Date: Mon, 10 Dec 2012 04:09:48 +0100
From: magnum <john.magnum@...hmail.com>
To: john-dev@...ts.openwall.com
Subject: Re: fixing the valid() methods

On 10 Dec, 2012, at 4:06 , magnum <john.magnum@...hmail.com> wrote:
> On 10 Dec, 2012, at 3:52 , Dhiru Kholia <dhiru.kholia@...il.com> wrote:
>> On Monday 10 December 2012 08:11 AM, magnum wrote:
>>> On 10 Dec, 2012, at 3:11 , magnum <john.magnum@...hmail.com> wrote:
>>>> After fixing KRB4, DMG segfaults. This is one of the formats that got a "more robust valid()" days ago. Unfortunately it is still not robust. Note btw that my "valid() killer" does not trigger all kinds of problems, basically just one. magnum
>> 
>> LOL. My patches to valid were not very good but they are getting better.
>> 
>> Can you try crashing RACF format? I am (slightly) more confident about it.
> 
> I think it will survive most anything, but you reject on tag mismatch before doing the strdup().

That should have read "you *should* reject on tag mismatch"...

magnum

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.