Message-ID: <BLU0-SMTP351A1037A49CB87C0643532FDCD0@phx.gbl>
Date: Tue, 16 Apr 2013 13:32:22 +0200
From: Frank Dittrich <frank_dittrich@...mail.com>
To: john-dev@...ts.openwall.com
Subject: Re: Segfault for hdaa on linux-x86-clang-debug

On 04/16/2013 11:23 AM, magnum wrote:
> On 16 Apr, 2013, at 10:01 , Frank Dittrich <frank_dittrich@...mail.com> wrote:
>> Benchmarking: HTTP Digest access authentication MD5 [128/128 SSE2
>> intrinsics 16x]...
>> Program received signal SIGSEGV, Segmentation fault.
>> 0x081368b3 in SSEmd5body (data=0x8417028, out=0x8419618, init=1) at
>> sse-intrinsics.c:122
>> 122 MD5_STEP(MD5_F, a, b, c, d, 0, 0xd76aa478, 7)
>> (gdb) bt
>> #0 0x081368b3 in SSEmd5body (data=0x8417028, out=0x8419618, init=1) at
>> sse-intrinsics.c:122
>
> Hm, data and out are only 8-byte aligned here. They should be 16-byte
> aligned for SSE2 and this is the cause of the segfault.

Since this points to a possible problem in the format itself, and not in
the -DDEBUG code, here are all the formats that fail for
linux-x86-clang-debug:

hdaa
ipb2
mschapv2
netntlm
nt2
xsha
mscash2
oracle11
raw-md5u
sapb
sapg
sunmd5
wpapsk

Information for hdaa and ipb2 has been posted in other messages, here
are the details for the other formats:

mschapv2

(gdb) run --test=0 --format=mschapv2
Starting program: /home/fd/git/JohnTheRipper/run/john --test=0 --format=mschapv2
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/libthread_db.so.1".
Warning: doing quick benchmarking - the performance numbers will be inaccurate
Benchmarking: MSCHAPv2 C/R MD4 DES [128/128 SSE2 intrinsics 12x]...
Rejected MSCHAPv2 hash with invalid 3rd block
Rejected MSCHAPv2 hash with invalid 3rd block
Rejected MSCHAPv2 hash with invalid 3rd block
Rejected MSCHAPv2 hash with invalid 3rd block
Program received signal SIGSEGV, Segmentation fault.
0x0814062f in SSEmd4body (data=0x8414028, out=0x8423f40, init=1) at sse-intrinsics.c:521
521 MD4_STEP(MD4_F, a, b, c, d, 0, cst, 3)
Missing separate debuginfos, use: debuginfo-install keyutils-libs-1.5.5-3.fc18.i686 krb5-libs-1.10.3-14.fc18.i686 libcom_err-1.42.5-1.fc18.i686 libgcc-4.7.2-8.fc18.i686 libselinux-2.1.12-7.3.fc18.i686 nspr-4.9.5-2.fc18.i686 nss-3.14.3-1.fc18.i686 nss-util-3.14.3-1.fc18.i686 openssl-libs-1.0.1e-4.fc18.i686 pcre-8.31-4.fc18.i686 zlib-1.2.7-9.fc18.i686
(gdb) bt
#0 0x0814062f in SSEmd4body (data=0x8414028, out=0x8423f40, init=1) at sse-intrinsics.c:521
#1 0x08098783 in crypt_all (count=1) at MSCHAPv2_fmt_plug.c:488
#2 0x08104e2a in fmt_self_test (format=<optimized out>) at formats.c:243
#3 0x080fe5d2 in benchmark_format (format=0x81b2fd4 <fmt_MSCHAPv2_new>, salts=-1073746152, results=<optimized out>) at bench.c:159
#4 0x080feeeb in benchmark_all () at bench.c:498
#5 0x08107ed0 in john_run () at john.c:711
#6 0x08107ab9 in main (argc=3, argv=0xbffff124) at john.c:1008
(gdb) up
#1 0x08098783 in crypt_all (count=1) at MSCHAPv2_fmt_plug.c:488
488 SSEmd4body(&saved_key[i * NBKEYS * 64], (unsigned int*)&nthash[i * NBKEYS * 16], 1);
(gdb) up
#1 0x08098783 in crypt_all (count=1) at MSCHAPv2_fmt_plug.c:488
488 SSEmd4body(&saved_key[i * NBKEYS * 64], (unsigned int*)&nthash[i * NBKEYS * 16], 1);
(gdb) print saved_key
$1 = (unsigned char *) 0x8414028 "2"
(gdb) print saved_key[0]
$2 = 50 '2'
(gdb) print saved_key[1]
$3 = 0 '\000'
(gdb) print saved_key[2]
$4 = 50 '2'
(gdb) print saved_key[3]
$5 = 0 '\000'
(gdb) print saved_key[4]
$6 = 0 '\000'

So, "2222" from the first test case got overwritten here.
data not aligned at 16 bytes.

netntlm

(gdb) run --test=0 --format=netntlm
Starting program: /home/fd/git/JohnTheRipper/run/john --test=0 --format=netntlm
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/libthread_db.so.1".
Warning: doing quick benchmarking - the performance numbers will be inaccurate
Benchmarking: NTLMv1 C/R MD4 DES (ESS MD5) [128/128 SSE2 intrinsics 12x]...
Program received signal SIGSEGV, Segmentation fault.
0x0813f62f in SSEmd4body (data=0x8413028, out=0x8422f40, init=1) at sse-intrinsics.c:521
521 MD4_STEP(MD4_F, a, b, c, d, 0, cst, 3)
(gdb) bt
#0 0x0813f62f in SSEmd4body (data=0x8413028, out=0x8422f40, init=1) at sse-intrinsics.c:521
#1 0x080abef3 in crypt_all (count=1) at NETNTLM_fmt_plug.c:384
#2 0x08103aaa in fmt_self_test (format=<optimized out>) at formats.c:243
#3 0x080fd252 in benchmark_format (format=0x81b4a4c <fmt_NETNTLM_new>, salts=-1073746152, results=<optimized out>) at bench.c:159
#4 0x080fdb6b in benchmark_all () at bench.c:498
#5 0x08106b50 in john_run () at john.c:711
#6 0x08106739 in main (argc=3, argv=0xbffff124) at john.c:1008
(gdb) up
#1 0x080abef3 in crypt_all (count=1) at NETNTLM_fmt_plug.c:384
384 SSEmd4body(&saved_key[i * NBKEYS * 64], (unsigned int*)&nthash[i * NBKEYS * 16], 1);
(gdb) print saved_key
$1 = (unsigned char *) 0x8413028 "g"
(gdb) print saved_key[1]
$2 = 0 '\000'
(gdb) print saved_key[2]
$3 = 51 '3'
(gdb) print saved_key[3]
$4 = 0 '\000'
(gdb) print saved_key[4]
$5 = 0 '\000'
(gdb) print saved_key[5]
$6 = 0 '\000'
(gdb) print saved_key[6]
$7 = 0 '\000'
(gdb)

So, "g3rg3g3rg3g3rg3" got overwritten here.
data not aligned at 16 bytes.

nt2

(gdb) run --test=0 --format=nt2
Starting program: /home/fd/git/JohnTheRipper/run/john --test=0 --format=nt2
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/libthread_db.so.1".
Warning: doing quick benchmarking - the performance numbers will be inaccurate
Benchmarking: NT MD4 [128/128 SSE2 intrinsics 12x]...
Program received signal SIGSEGV, Segmentation fault.
0x0813e62f in SSEmd4body (data=0x8411028, out=0x8411340, init=1) at sse-intrinsics.c:521
521 MD4_STEP(MD4_F, a, b, c, d, 0, cst, 3)
(gdb) bt
#0 0x0813e62f in SSEmd4body (data=0x8411028, out=0x8411340, init=1) at sse-intrinsics.c:521
#1 0x080b7962 in crypt_all (count=1) at nt2_fmt_plug.c:528
#2 0x081028fa in fmt_self_test (format=<optimized out>) at formats.c:243
#3 0x080fc0a2 in benchmark_format (format=0x81b303c <fmt_NT2>, salts=-1073746152, results=<optimized out>) at bench.c:159
#4 0x080fc9bb in benchmark_all () at bench.c:498
#5 0x081059a0 in john_run () at john.c:711
#6 0x08105589 in main (argc=3, argv=0xbffff124) at john.c:1008
(gdb) up
#1 0x080b7962 in crypt_all (count=1) at nt2_fmt_plug.c:528
528 SSEmd4body(saved_key, (unsigned int*)crypt_key, 1);
(gdb) print saved_key
$1 = (unsigned char *) 0x8411028 "J"
(gdb) print saved_key[2]
$2 = 111 'o'
(gdb) print saved_key[3]
$3 = 0 '\000'
(gdb) print saved_key[4]
$4 = 0 '\000'

"John the Ripper" got overwritten.
data not aligned at 16 bytes.

xsha

(gdb) run --test=0 --format=xsha
Starting program: /home/fd/git/JohnTheRipper/run/john --test=0 --format=xsha
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/libthread_db.so.1".
Warning: doing quick benchmarking - the performance numbers will be inaccurate
Benchmarking: Mac OS X 10.4 - 10.6 salted SHA-1 [128/128 SSE2 4x]...
Program received signal SIGSEGV, Segmentation fault.
0x0812d4c4 in round0 ()
(gdb) bt
#0 0x0812d4c4 in round0 ()

Looks like even the backtrace is incomplete here.

mscash2

(gdb) run --test=0 --format=mscash2
Starting program: /home/fd/git/JohnTheRipper/run/john --test=0 --format=mscash2
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/libthread_db.so.1".
Warning: doing quick benchmarking - the performance numbers will be inaccurate
Benchmarking: M$ Cache Hash 2 (DCC2) PBKDF2-HMAC-SHA-1 [128/128 SSE2 4x]...
Program received signal SIGSEGV, Segmentation fault.
0x0812d4c4 in round0 ()
(gdb) bt
#0 0x0812d4c4 in round0 ()
#1 0x084102f8 in ?? ()
Backtrace stopped: previous frame inner to this frame (corrupt stack?)

So, no luck with the backtrace.

oracle11

(gdb) run --test=0 --format=oracle11
Starting program: /home/fd/git/JohnTheRipper/run/john --test=0 --format=oracle11
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/libthread_db.so.1".
Warning: doing quick benchmarking - the performance numbers will be inaccurate
Benchmarking: Oracle 11g SHA-1 [128/128 SSE2 4x]...
Program received signal SIGSEGV, Segmentation fault.
0x0812c4c4 in round0 ()
(gdb) bt
#0 0x0812c4c4 in round0 ()

No backtrace

raw-md5u

(gdb) run --test=0 --format=raw-md5u
Starting program: /home/fd/git/JohnTheRipper/run/john --test=0 --format=raw-md5u
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/libthread_db.so.1".
Warning: doing quick benchmarking - the performance numbers will be inaccurate
Benchmarking: md5(unicode($p)) [128/128 SSE2 intrinsics 16x]...
Program received signal SIGSEGV, Segmentation fault.
0x0812f8b3 in SSEmd5body (data=0x840d028, out=0x840d440, init=1) at sse-intrinsics.c:122
122 MD5_STEP(MD5_F, a, b, c, d, 0, 0xd76aa478, 7)
(gdb) bt
#0 0x0812f8b3 in SSEmd5body (data=0x840d028, out=0x840d440, init=1) at sse-intrinsics.c:122
#1 0x080cd632 in crypt_all (count=1) at rawmd5u_fmt_plug.c:482
#2 0x080ffeaa in fmt_self_test (format=<optimized out>) at formats.c:243
#3 0x080f9652 in benchmark_format (format=0x81b386c <fmt_rawmd5uthick>, salts=-1073746152, results=<optimized out>) at bench.c:159
#4 0x080f9f6b in benchmark_all () at bench.c:498
#5 0x08102f50 in john_run () at john.c:711
#6 0x08102b39 in main (argc=3, argv=0xbffff124) at john.c:1008
(gdb) up
#1 0x080cd632 in crypt_all (count=1) at rawmd5u_fmt_plug.c:482
482 SSEmd5body(saved_key, (unsigned int*)crypt_key, 1);
(gdb) print saved_key
$1 = (unsigned char *) 0x840d028 "t"

"test1" got overwritten.
data not aligned at 16 bytes.

sapb

(gdb) run --test=0 --format=sapb
Starting program: /home/fd/git/JohnTheRipper/run/john --test=0 --format=sapb
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/libthread_db.so.1".
Warning: doing quick benchmarking - the performance numbers will be inaccurate
Benchmarking: SAP CODVN B (BCODE) [128/128 SSE2 intrinsics 16x]...
Program received signal SIGSEGV, Segmentation fault.
0x0812f8b3 in SSEmd5body (data=0x840d028, out=0x840d858, init=1) at sse-intrinsics.c:122
122 MD5_STEP(MD5_F, a, b, c, d, 0, 0xd76aa478, 7)
(gdb) bt
#0 0x0812f8b3 in SSEmd5body (data=0x840d028, out=0x840d858, init=1) at sse-intrinsics.c:122
#1 0x080d2be1 in crypt_all (count=1) at sapB_fmt_plug.c:480
#2 0x080ff50a in fmt_self_test (format=<optimized out>) at formats.c:243
#3 0x080f8cb2 in benchmark_format (format=0x81b4d00 <fmt_sapB>, salts=-1073746152, results=<optimized out>) at bench.c:159
#4 0x080f95cb in benchmark_all () at bench.c:498
#5 0x081025b0 in john_run () at john.c:711
#6 0x08102199 in main (argc=3, argv=0xbffff124) at john.c:1008
(gdb) up
#1 0x080d2be1 in crypt_all (count=1) at sapB_fmt_plug.c:480
480 DO_MMX_MD5(&saved_key[t*NBKEYS*64], &crypt_key[t*NBKEYS*16]);
(gdb) print saved_key
$1 = (unsigned char *) 0x840d028 "\030\006\200"
(gdb) print saved_key[4]
$2 = 6 '\006'

Password from test got overwritten.
data not aligned at 16 bytes.

sapg

(gdb) run --test=0 --format=sapg
Starting program: /home/fd/git/JohnTheRipper/run/john --test=0 --format=sapg
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/libthread_db.so.1".
Warning: doing quick benchmarking - the performance numbers will be inaccurate
Benchmarking: SAP CODVN F/G (PASSCODE) [128/128 SSE2 4x]...
Program received signal SIGSEGV, Segmentation fault.
0x0812bb6b in skip_endianity ()
(gdb) bt
#0 0x0812bb6b in skip_endianity ()
#1 0x00000004 in ?? ()
#2 0x00000002 in ?? ()
#3 0x000000fc in ?? ()
#4 0xbfffdcec in ?? ()
Backtrace stopped: previous frame inner to this frame (corrupt stack?)

sunmd5

(gdb) run --test=0 --format=sunmd5
Starting program: /home/fd/git/JohnTheRipper/run/john --test=0 --format=sunmd5
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/libthread_db.so.1".
Warning: doing quick benchmarking - the performance numbers will be inaccurate
Benchmarking: SunMD5 [128/128 SSE2 intrinsics 16x x576]...
Program received signal SIGSEGV, Segmentation fault.
0x0812c8b3 in SSEmd5body (data=0x840a028, out=0x8410858, init=1) at sse-intrinsics.c:122
122 MD5_STEP(MD5_F, a, b, c, d, 0, 0xd76aa478, 7)
(gdb) bt
#0 0x0812c8b3 in SSEmd5body (data=0x840a028, out=0x8410858, init=1) at sse-intrinsics.c:122
#1 0x080a1924 in crypt_all (count=<optimized out>) at sunmd5_fmt_plug.c:640
#2 0x080fcd61 in fmt_self_test (format=<optimized out>) at formats.c:240
#3 0x080f65b2 in benchmark_format (format=0x81ab544 <fmt_sunmd5>, salts=-1073746152, results=<optimized out>) at bench.c:159
#4 0x080f6ecb in benchmark_all () at bench.c:498
#5 0x080ffeb0 in john_run () at john.c:711
#6 0x080ffa99 in main (argc=3, argv=0xbffff124) at john.c:1008
(gdb) up
#1 0x080a1924 in crypt_all (count=<optimized out>) at sunmd5_fmt_plug.c:640
640 SSEmd5body(input_buf, (unsigned int *)out_buf, 1);
(gdb) print input_buf
$1 = (unsigned char *) 0x840a028 "\241\335\356\212+\373\321\316j;h\275h\351\034\354n\257\246v\241\220\352\243\t\204\250\204\212\374R\333\005\312<\231\312\020\263/\267\300\235\265\n\354\265V\250}#\202\247"

sunmd5 format doesn't use the password directly, so it is harder to tell
whether input_buf is corrupted.
But it is definitely not aligned at 16 bytes.

wpapsk

(gdb) run --test=0 --format=wpapsk
Starting program: /home/fd/git/JohnTheRipper/run/john --test=0 --format=wpapsk
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/libthread_db.so.1".
Warning: doing quick benchmarking - the performance numbers will be inaccurate
Benchmarking: WPA-PSK PBKDF2-HMAC-SHA-1 [128/128 SSE2 4x]...
Program received signal SIGSEGV, Segmentation fault.
0x081273d5 in reload_ctx ()
(gdb) bt
#0 0x081273d5 in reload_ctx ()
#1 0x08127442 in shammx_reloadinit_nosizeupdate_nofinalbyteswap ()
#2 0x083ef240 in ?? ()
#3 0x00726572 in ?? ()
#4 0x00010000 in ?? ()
#5 0x00000000 in ?? ()
(gdb) up
#1 0x08127442 in shammx_reloadinit_nosizeupdate_nofinalbyteswap ()
(gdb) up
#2 0x083ef240 in ?? ()

No helpful backtrace...

All the others pass self test.
Maybe I should try the test suite on the remaining formats if I find the
time for it.

Frank
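The common thread in the sessions above is a data/out pointer that is only 8-byte aligned being handed to SSE2 code that needs 16. The following is an added illustration, not code from this thread or from John the Ripper: a debug-time alignment guard of the kind a format's crypt_all() could run before calling SSEmd4body/SSEmd5body, the GCC/clang attribute that gives a static key buffer the required alignment, and a portable round-up for heap buffers. The names ALIGN16, is_aligned16, check_sse_buffers, alloc_aligned16 and alloc_selftest are assumptions; the buffers and the 8-byte offset are constructed to mirror the crash reports.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* GCC/clang attribute giving a static buffer the 16-byte alignment the SSE2
   MD4/MD5 bodies require; a plain array may only get 8, as in the gdb output. */
#define ALIGN16 __attribute__((aligned(16)))

static ALIGN16 unsigned char saved_key[16 * 64]; /* 16 keys x 64-byte blocks */
static ALIGN16 unsigned int  crypt_key[16 * 4];  /* 16 x 16-byte digests */

/* Hypothetical helper: true when p lies on a 16-byte boundary. */
static int is_aligned16(const void *p)
{
    return ((uintptr_t)p & 15u) == 0;
}

/* Hypothetical debug guard for crypt_all(): returns 0 and reports the pointer
   instead of letting the intrinsics fault on a misaligned data/out buffer. */
static int check_sse_buffers(const char *fmt, const void *data, const void *out)
{
    int ok = 1;
    if (!is_aligned16(data)) { ok = 0; fprintf(stderr, "%s: data %p not 16-byte aligned\n", fmt, data); }
    if (!is_aligned16(out))  { ok = 0; fprintf(stderr, "%s: out %p not 16-byte aligned\n", fmt, out); }
    return ok;
}

/* Portable heap variant for runtime-sized buffers: over-allocate by 15 bytes
   and round the pointer up. *raw receives the pointer to hand to free(). */
static void *alloc_aligned16(size_t n, void **raw)
{
    unsigned char *p = malloc(n + 15);
    *raw = p;
    return p ? p + ((16 - ((uintptr_t)p & 15u)) & 15u) : NULL;
}

static int alloc_selftest(void) /* 1 if the heap helper yields an aligned block */
{
    void *raw, *p = alloc_aligned16(100, &raw);
    int ok = p != NULL && is_aligned16(p);
    free(raw);
    return ok;
}

int main(void)
{
    /* constructed case: saved_key + 8 reproduces the 8-byte-aligned pointers */
    printf("aligned: %d\n", check_sse_buffers("nt2", saved_key, crypt_key));
    printf("offset : %d\n", check_sse_buffers("nt2", saved_key + 8, crypt_key));
    return 0;
}
```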