Aleksey Cherepanov
Aleksey Cherepanov
gcc 10 gives warnings about `snprintf`. It does not give warnings like gcc 11 in #4637. ``` $ gcc --version gcc (Debian 10.2.1-6) 10.2.1 20210110 ``` ``` dynamic_fmt.c: In function...
It was found in #4032. NT format rejects some candidates and truncates others: ``` >>> passlib.hash.nthash().hash(u'a' * 27) '3f9798b4e3c435593074a9ef81662507' $ echo '$NT$3f9798b4e3c435593074a9ef81662507' > nt.pw $ # Ok $ perl -le...
https://github.com/openwall/john/pull/5129#issuecomment-1122289902 > OK, I took a closer look - while we don't have -g in CLFAGS in top-level Makefile.in explicitly, it appears to be getting added by autoconf. Anyway, I...
Working on #5031 for PHPS that relies on `pDynamic_6->methods.valid`, I found that dynamic's valid is quite permissive. It does not reject garbage after `$HEX$`: ``` $dynamic_6$612f95cf86c4e196f6b627bab3f01b62$HEX$$$$$$$ ``` Is it ok?...
Playing with options after #5084, I tried values like `255 * 255 * 255 * x` for `--mask-internal-target=`. Overly big `x` causes message like the following: ``` 0: OpenCL CL_INVALID_BUFFER_SIZE...
CMIYC 2019 created [interest](https://www.openwall.com/lists/john-users/2019/10/06/1) to feed candidates into single mode with high precision because the hashes are very slow (real world example: Ashley Madison leak). E.g. it may be desirable...
It looks like there might be a problem in `.pre-commit.sh`: ```sh TXT_FILES=`git diff --cached --name-only | grep -E $TXT_FILE_PATTERN` TXT_FILES="$TXT_FILES"`git diff --cached --name-only | grep -E ^doc/` ``` I guess...
Working on #5027 I found that `enc_lc` can write one more byte than specified by `dst_bufsize` argument. Name suggests that it is ok to pass `sizeof` of a buffer as...
I created hashes with `--fuzz-dump` commenting out most of self-tests in pkzip format (for test in #5023). It turned out that regular attack can crash when in ASan build: (local...
ASan reports leaks after `--fuzz`ing format with dynamic salt allocation (#752). I patched out most self tests in `pkzip_fmt_plug.c`, so only the last one is present. It is short and...