From 092e838cf4e95f54c4b3ac639c6982302755554c Mon Sep 17 00:00:00 2001 From: Jens Steube Date: Sun, 25 Apr 2021 20:50:59 +0200 Subject: [PATCH] Fixed buffer overflow in -m 4710 in -P mode and only in single hash mode if salt length was larger than 32 byte --- OpenCL/m04710_a3-pure.cl | 2 +- docs/changes.txt | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/OpenCL/m04710_a3-pure.cl b/OpenCL/m04710_a3-pure.cl index 950c434d3..ab776db6a 100644 --- a/OpenCL/m04710_a3-pure.cl +++ b/OpenCL/m04710_a3-pure.cl @@ -211,7 +211,7 @@ KERNEL_FQ void m04710_sxx (KERN_ATTR_VECTOR ()) const u32 salt_len = salt_bufs[SALT_POS].salt_len; - u32x s[8] = { 0 }; + u32x s[64] = { 0 }; for (u32 i = 0, idx = 0; i < salt_len; i += 4, idx += 1) { diff --git a/docs/changes.txt b/docs/changes.txt index 3d0320f4a..dc422bce7 100644 --- a/docs/changes.txt +++ b/docs/changes.txt @@ -42,6 +42,7 @@ - Fixed both false negative and false positive result in -m 3000 in -a 3 (affected only NVIDIA GPU) - Fixed buffer overflow in -m 1800 in -O mode which is optimized to handle only password candidates up to length 15 +- Fixed buffer overflow in -m 4710 in -P mode and only in single hash mode if salt length was larger than 32 byte - Fixed incorrect maximum password length support for -m 400 in optimized mode (reduced from 55 to 39) - Fixed internal access on module option attribute OPTS_TYPE_SUGGEST_KG with the result that it was unused - Fixed invalid handling of outfile folder entries for -m 22000