Message-ID: <20120803004345.GB6345@openwall.com>
Date: Fri, 3 Aug 2012 04:43:45 +0400
From: Solar Designer <solar@...nwall.com>
To: john-users@...ts.openwall.com
Subject: Re: Wordlist memory corruption - 1.7.9-jumbo-6

Guth, Jim, magnum -

On Wed, Aug 01, 2012 at 01:14:25PM +0200, Guth wrote:
> It seems that jtr segfaults/corrupts memory on wordlist attacks under some
> circumstances:
> 
> guth[run]$ ./john
> John the Ripper password cracker, ver: 1.7.9-jumbo-6 [linux-x86-64-native]

Yes.  wordlist.c in jumbo is extremely dirty.  I think we should
reimplement all changes made to it (relative to its revision in 1.7.9
release) in a cleaner fashion.

> guth[run]$ cat -e polish_rev_2
> ^Mzciwonakaba$
> ^Mruzaba$

I am able to reproduce the crash using this wordlist, thanks.

The bug appears to be that at first lines are counted looking for just
one of the CR or LF characters, and the words[] array is allocated
accordingly, but then either character terminates the word and thus
requires a words[] array element for the next word.

Alexander
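The sizing mismatch described in this message, shown as an added C example (this is not code from the thread, from John the Ripper, or from its wordlist.c; it only models the bug as the message describes it). The sample buffer is constructed from the cat -e output quoted above: each line starts with a CR and ends with an LF. A sizing pass that counts only LF yields 2 slots, while a tokenizer that ends a word at either CR or LF produces 4 words, so an array sized by the first pass is overrun by the second. The bounds check in split_words and the CR-or-LF counting pass are the defensive versions; the names and the overflowed flag are my own choices, not the project's.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed sample mirroring the two-line wordlist in the report:
 * cat -e showed "^Mzciwonakaba$" and "^Mruzaba$", i.e. each line begins
 * with a CR and ends with an LF.  Not the reporter's actual file. */
static const char SAMPLE[] = "\rzciwonakaba\n\rruzaba\n";
#define SAMPLE_LEN (sizeof(SAMPLE) - 1)

/* Sizing pass as the report describes it: only LF is counted. */
size_t count_lf_only(const char *buf, size_t len)
{
    size_t n = 0;
    for (size_t i = 0; i < len; i++)
        if (buf[i] == '\n')
            n++;
    return n;
}

/* Sizing pass that agrees with the tokenizer below: every CR or LF
 * terminates a word, and an unterminated trailing word needs a slot too. */
size_t count_cr_or_lf(const char *buf, size_t len)
{
    size_t n = 0;
    for (size_t i = 0; i < len; i++)
        if (buf[i] == '\n' || buf[i] == '\r')
            n++;
    if (len > 0 && buf[len - 1] != '\n' && buf[len - 1] != '\r')
        n++;
    return n;
}

/* Split a NUL-terminated buffer in place on CR or LF, storing word
 * pointers into words[].  Instead of writing past capacity it stops and
 * sets *overflowed, which is the check the reported code lacked.
 * Returns the number of words stored. */
size_t split_words(char *buf, size_t len, char **words, size_t capacity,
                   int *overflowed)
{
    size_t n = 0;
    char *start = buf;
    *overflowed = 0;
    for (size_t i = 0; i < len; i++) {
        if (buf[i] != '\n' && buf[i] != '\r')
            continue;
        if (n == capacity) {
            *overflowed = 1;
            return n;
        }
        buf[i] = '\0';
        words[n++] = start;
        start = buf + i + 1;
    }
    if (start < buf + len) { /* trailing word without a terminator */
        if (n == capacity) {
            *overflowed = 1;
            return n;
        }
        words[n++] = start;
    }
    return n;
}

/* Size words[] by the LF-only count, then tokenize on CR or LF.
 * Returns 1 if the tokenizer would have overrun that array. */
int lf_only_estimate_overruns(void)
{
    char buf[SAMPLE_LEN + 1];
    memcpy(buf, SAMPLE, SAMPLE_LEN + 1);
    size_t cap = count_lf_only(SAMPLE, SAMPLE_LEN);
    char **words = malloc(cap * sizeof *words);
    int overflowed;
    split_words(buf, SAMPLE_LEN, words, cap, &overflowed);
    free(words);
    return overflowed;
}

int main(void)
{
    char buf[SAMPLE_LEN + 1];
    memcpy(buf, SAMPLE, SAMPLE_LEN + 1);
    size_t cap = count_cr_or_lf(SAMPLE, SAMPLE_LEN);
    char **words = malloc(cap * sizeof *words);
    int overflowed;
    size_t n = split_words(buf, SAMPLE_LEN, words, cap, &overflowed);
    printf("LF-only estimate: %zu slots, CR-or-LF estimate: %zu slots, "
           "words found: %zu, overflowed: %d\n",
           count_lf_only(SAMPLE, SAMPLE_LEN), cap, n, overflowed);
    for (size_t i = 0; i < n; i++)
        printf("words[%zu] = \"%s\"\n", i, words[i]);
    free(words);
    return 0;
}
```

The two empty words (from the leading CRs) are the slots the LF-only count never accounts for; whichever sizing rule a loader uses, it must be the same rule the tokenizer applies, and the tokenizer should still refuse to write past the allocated count.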
