>From 76e2bc71b8a9cea4eac1ac8328ff3faea536790f Mon Sep 17 00:00:00 2001 From: Alexander Cherepanov Date: Wed, 15 May 2013 00:36:38 +0400 Subject: [PATCH 3/3] Fix a crash in dynamic with an overlong salt. --- src/dynamic_fmt.c | 2 ++ 1 files changed, 2 insertions(+), 0 deletions(-) diff --git a/src/dynamic_fmt.c b/src/dynamic_fmt.c index 76e5cdd..b7e016e 100644 --- a/src/dynamic_fmt.c +++ b/src/dynamic_fmt.c @@ -741,6 +741,8 @@ static int valid(char *ciphertext, struct fmt_main *pFmt) if (cp[cipherTextLen] && cp[cipherTextLen] != '$') return 0; + if (strlen(&cp[cipherTextLen]) > SALT_SIZE) + return 0; if (pPriv->dynamic_FIXED_SALT_SIZE && ciphertext[pPriv->dynamic_SALT_OFFSET-1] != '$') return 0; if (pPriv->dynamic_FIXED_SALT_SIZE > 0 && strlen(&ciphertext[pPriv->dynamic_SALT_OFFSET]) != pPriv->dynamic_FIXED_SALT_SIZE) { -- 1.7.2.5