lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 10 Nov 2014 14:02:05 -0800
From: epixoip <epixoip@...dshell.nl>
To: discussions@...sword-hashing.net
Subject: Re: [PHC] Another PHC candidates "mechanical" tests

On 11/10/2014 11:09 AM, Milan Broz wrote:
> On 11/10/2014 07:15 PM, epixoip wrote:
>> Just for clarification, there is no requirement for PHS() to return raw
>> output, and you created the bug & subsequent buffer overflow in PHS()
>> with a half-baked patch.
> Well, that's why I am tracking all my changes separately. The patch is here
> https://github.com/mbroz/PHCtest/blob/master/hash_libs/pufferfish/patches/fix-raw-output.patch
>
> What exactly is half-baked? 
>
> To the overflow: just send small buffer of outlen size and see what strlen() will do in memmove
> (without the patch).


Sorry, the way it is worded on the website made it sound to me like you
changed pufferfish() to raw output in PHS() and THEN receiving a buffer
overflow due to calling strlen() on the raw output. I see now what you
mean about strlen(hash) > outlen due to the prepended setting string,
that would certainly cause a buffer overflow if the output buffer is
only outlen bytes.


>> Furthermore, PHS() is merely the wrapper for the sake of this contest.
>> The 'official' interface for the reference implemenation is pufferfish().
> Shrug... Yes. I can just say that PHS() simply produces non-random output
> (because ASCII has high bits set to zero) and crashes because it is not
> respecting outlen parameter and move along.
>
> But I think it would be pity to remove nice algorithm from testing just because
> of this small mistake... (And the first sentence in my tests says that
> I am testing PHS() function only).

I'm not saying that, I'm saying don't judge the quality of the algorithm
by the quality of PHS() since PHS() is only used in this contest, and
not anywhere else.
 

Powered by blists - more mailing lists