Solar Designer
Solar Designer
We have many calls to `fseek` and `lseek`. Some of those (I think including all that come from core) check/use the return value. However, many don't. Now that I grep...
@ihsinme Thanks. What was your reason to report this to us, and to ping us about it now? I see no reason to single this issue out, nor to prioritize...
@ihsinme I took a look at other issues you reported to other projects at about the same time. Is this some kind of experiment with static code analysis or with...
> fixing your code is based on your coding principles, not my behavior. I fully agree, and we'll proceed with the code accordingly. For some of our other projects with...
This is a valid issue that should ideally be resolved, so now that we have it opened anyway I see no reason to just close it (unless we were to...
@claudioandre-br It wouldn't take much computing power to add testing of `*2john` tools against their known output (what they currently output for our samples). Compared to the kind of testing...
Thank you for the reminder. I think at this time a better name would have been `INSECURITY`, as I had suggested here: https://github.com/openwall/john/issues/3513#issuecomment-447601798 > I think we should very explicitly...
@michaellrowley Please read the comment above, and then create a public issue in here for what you found. Knowing that might also help us make sure the `SECURITY.md` we'd create...
> null pointer dereference which would only have occured in low-resource situations Sounds like a missed NULL check after `malloc()` or such, so a bug to fix. Ideally, you'd send...
@JamieSlome Thank you, it's an interesting platform you run, but of course no reason to treat this issue reported via it as non-public. May I just create a public issue...