From bcbb9b0d2c89d7a928908589e3d7248528eff193 Mon Sep 17 00:00:00 2001 From: Jukka Ojanen Date: Mon, 5 Jul 2021 15:38:07 +0300 Subject: [PATCH 1/6] Fix skipped device param leak in backend_ctx_devices_destroy --- src/backend.c | 2 -- 1 file changed, 2 deletions(-) diff --git a/src/backend.c b/src/backend.c index c0a40e748..057496973 100644 --- a/src/backend.c +++ b/src/backend.c @@ -7399,8 +7399,6 @@ void backend_ctx_devices_destroy (hashcat_ctx_t *hashcat_ctx) { hc_device_param_t *device_param = &backend_ctx->devices_param[backend_devices_idx]; - if (device_param->skipped == true) continue; - hcfree (device_param->device_name); if (device_param->is_opencl == true) From 2f7eec2fd77898e44cb9d86de7a25e340a201c6d Mon Sep 17 00:00:00 2001 From: Jukka Ojanen Date: Mon, 5 Jul 2021 15:52:48 +0300 Subject: [PATCH 2/6] Fix early return leaks in backend_ctx_init and backend_ctx_devices_init --- src/backend.c | 29 ++++++++++++++++++++++++++--- 1 file changed, 26 insertions(+), 3 deletions(-) diff --git a/src/backend.c b/src/backend.c index 057496973..bfd5112bb 100644 --- a/src/backend.c +++ b/src/backend.c @@ -5415,7 +5415,12 @@ int backend_ctx_init (hashcat_ctx_t *hashcat_ctx) char *opencl_platform_vendor = (char *) hcmalloc (param_value_size); - if (hc_clGetPlatformInfo (hashcat_ctx, opencl_platform, CL_PLATFORM_VENDOR, param_value_size, opencl_platform_vendor, NULL) == -1) return -1; + if (hc_clGetPlatformInfo (hashcat_ctx, opencl_platform, CL_PLATFORM_VENDOR, param_value_size, opencl_platform_vendor, NULL) == -1) + { + hcfree (opencl_platform_vendor); + + return -1; + } opencl_platforms_vendor[opencl_platforms_idx] = opencl_platform_vendor; @@ -5425,7 +5430,12 @@ int backend_ctx_init (hashcat_ctx_t *hashcat_ctx) char *opencl_platform_name = (char *) hcmalloc (param_value_size); - if (hc_clGetPlatformInfo (hashcat_ctx, opencl_platform, CL_PLATFORM_NAME, param_value_size, opencl_platform_name, NULL) == -1) return -1; + if (hc_clGetPlatformInfo (hashcat_ctx, opencl_platform, CL_PLATFORM_NAME, param_value_size, opencl_platform_name, NULL) == -1) + { + hcfree (opencl_platform_name); + + return -1; + } opencl_platforms_name[opencl_platforms_idx] = opencl_platform_name; @@ -5435,7 +5445,12 @@ int backend_ctx_init (hashcat_ctx_t *hashcat_ctx) char *opencl_platform_version = (char *) hcmalloc (param_value_size); - if (hc_clGetPlatformInfo (hashcat_ctx, opencl_platform, CL_PLATFORM_VERSION, param_value_size, opencl_platform_version, NULL) == -1) return -1; + if (hc_clGetPlatformInfo (hashcat_ctx, opencl_platform, CL_PLATFORM_VERSION, param_value_size, opencl_platform_version, NULL) == -1) + { + hcfree (opencl_platform_version); + + return -1; + } opencl_platforms_version[opencl_platforms_idx] = opencl_platform_version; @@ -5724,6 +5739,7 @@ int backend_ctx_devices_init (hashcat_ctx_t *hashcat_ctx, const int comptime) if (hc_cuDeviceGetName (hashcat_ctx, device_name, HCBUFSIZ_TINY, cuda_device) == -1) { device_param->skipped = true; + hcfree (device_name); continue; } @@ -6150,6 +6166,7 @@ int backend_ctx_devices_init (hashcat_ctx_t *hashcat_ctx, const int comptime) if (hc_clGetDeviceInfo (hashcat_ctx, device_param->opencl_device, CL_DEVICE_BOARD_NAME_AMD, param_value_size, device_name, NULL) == -1) { device_param->skipped = true; + hcfree (device_name); continue; } @@ -6168,6 +6185,7 @@ int backend_ctx_devices_init (hashcat_ctx_t *hashcat_ctx, const int comptime) if (hc_clGetDeviceInfo (hashcat_ctx, device_param->opencl_device, CL_DEVICE_NAME, param_value_size, device_name, NULL) == -1) { device_param->skipped = true; + hcfree (device_name); continue; } @@ -6191,6 +6209,7 @@ int backend_ctx_devices_init (hashcat_ctx_t *hashcat_ctx, const int comptime) if (hc_clGetDeviceInfo (hashcat_ctx, device_param->opencl_device, CL_DEVICE_VENDOR, param_value_size, opencl_device_vendor, NULL) == -1) { device_param->skipped = true; + hcfree (opencl_device_vendor); continue; } @@ -6266,6 +6285,7 @@ int backend_ctx_devices_init (hashcat_ctx_t *hashcat_ctx, const int comptime) if (hc_clGetDeviceInfo (hashcat_ctx, device_param->opencl_device, CL_DEVICE_VERSION, param_value_size, opencl_device_version, NULL) == -1) { device_param->skipped = true; + hcfree (opencl_device_version); continue; } @@ -6284,6 +6304,7 @@ int backend_ctx_devices_init (hashcat_ctx_t *hashcat_ctx, const int comptime) if (hc_clGetDeviceInfo (hashcat_ctx, device_param->opencl_device, CL_DEVICE_OPENCL_C_VERSION, param_value_size, opencl_device_c_version, NULL) == -1) { device_param->skipped = true; + hcfree (opencl_device_c_version); continue; } @@ -6438,6 +6459,7 @@ int backend_ctx_devices_init (hashcat_ctx_t *hashcat_ctx, const int comptime) if (hc_clGetDeviceInfo (hashcat_ctx, device_param->opencl_device, CL_DEVICE_EXTENSIONS, device_extensions_size, device_extensions, NULL) == -1) { device_param->skipped = true; + hcfree (device_extensions); continue; } @@ -6686,6 +6708,7 @@ int backend_ctx_devices_init (hashcat_ctx_t *hashcat_ctx, const int comptime) if (hc_clGetDeviceInfo (hashcat_ctx, device_param->opencl_device, CL_DRIVER_VERSION, param_value_size, opencl_driver_version, NULL) == -1) { device_param->skipped = true; + hcfree (opencl_driver_version); continue; } From b976e52bc7a59e6f53945eec1142f3a2a8f1ad13 Mon Sep 17 00:00:00 2001 From: Jukka Ojanen Date: Mon, 5 Jul 2021 19:00:35 +0300 Subject: [PATCH 3/6] Fix early return leaks in load_kernel; nvrtc_options, nvrtc_options_string, build_log. Ensure build log NULL termination. --- src/backend.c | 24 +++++++++++++++++++----- 1 file changed, 19 insertions(+), 5 deletions(-) diff --git a/src/backend.c b/src/backend.c index bfd5112bb..ab28f12d8 100644 --- a/src/backend.c +++ b/src/backend.c @@ -7827,6 +7827,9 @@ static bool load_kernel (hashcat_ctx_t *hashcat_ctx, hc_device_param_t *device_p const int rc_nvrtcCompileProgram = hc_nvrtcCompileProgram (hashcat_ctx, program, num_options, (const char * const *) nvrtc_options); + hcfree(nvrtc_options_string); + hcfree(nvrtc_options); + size_t build_log_size = 0; hc_nvrtcGetProgramLogSize (hashcat_ctx, program, &build_log_size); @@ -7839,7 +7842,14 @@ static bool load_kernel (hashcat_ctx_t *hashcat_ctx, hc_device_param_t *device_p { char *build_log = (char *) hcmalloc (build_log_size + 1); - if (hc_nvrtcGetProgramLog (hashcat_ctx, program, build_log) == -1) return false; + if (hc_nvrtcGetProgramLog (hashcat_ctx, program, build_log) == -1) + { + hcfree (build_log); + + return false; + } + + build_log[build_log_size] = 0; puts (build_log); @@ -7853,9 +7863,6 @@ static bool load_kernel (hashcat_ctx_t *hashcat_ctx, hc_device_param_t *device_p return false; } - hcfree (nvrtc_options); - hcfree (nvrtc_options_string); - size_t binary_size = 0; if (hc_nvrtcGetPTXSize (hashcat_ctx, program, &binary_size) == -1) return false; @@ -8056,7 +8063,14 @@ static bool load_kernel (hashcat_ctx_t *hashcat_ctx, hc_device_param_t *device_p const int rc_clGetProgramBuildInfo = hc_clGetProgramBuildInfo (hashcat_ctx, p1, device_param->opencl_device, CL_PROGRAM_BUILD_LOG, build_log_size, build_log, NULL); - if (rc_clGetProgramBuildInfo == -1) return false; + if (rc_clGetProgramBuildInfo == -1) + { + hcfree(build_log); + + return false; + } + + build_log[build_log_size] = 0; puts (build_log); From b3d18f86e280ab3b990fcccd25c3c667e9ef5038 Mon Sep 17 00:00:00 2001 From: Jukka Ojanen Date: Mon, 5 Jul 2021 19:03:56 +0300 Subject: [PATCH 4/6] Fix early return leaks in backend_session_begin --- src/backend.c | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) diff --git a/src/backend.c b/src/backend.c index ab28f12d8..3a0ef0c09 100644 --- a/src/backend.c +++ b/src/backend.c @@ -8773,7 +8773,7 @@ int backend_session_begin (hashcat_ctx_t *hashcat_ctx) * device_name_chksum_amp_mp */ - char *device_name_chksum_amp_mp = (char *) hcmalloc (HCBUFSIZ_TINY); + char device_name_chksum_amp_mp[HCBUFSIZ_TINY] = { 0 }; const size_t dnclen_amp_mp = snprintf (device_name_chksum_amp_mp, HCBUFSIZ_TINY, "%d-%d-%d-%u-%s-%s-%s", backend_ctx->comptime, @@ -9008,7 +9008,7 @@ int backend_session_begin (hashcat_ctx_t *hashcat_ctx) * device_name_chksum */ - char *device_name_chksum = (char *) hcmalloc (HCBUFSIZ_TINY); + char device_name_chksum[HCBUFSIZ_TINY] = { 0 }; // The kernel source can depend on some JiT compiler macros which themself depend on the attack_modes. // ATM this is relevant only for ATTACK_MODE_ASSOCIATION which slightly modifies ATTACK_MODE_STRAIGHT kernels. @@ -9073,8 +9073,6 @@ int backend_session_begin (hashcat_ctx_t *hashcat_ctx) } hcfree (build_options_module_buf); - - hcfree (device_name_chksum); } /** @@ -9186,8 +9184,6 @@ int backend_session_begin (hashcat_ctx_t *hashcat_ctx) if (hc_clUnloadPlatformCompiler (hashcat_ctx, platform_id) == -1) return -1; } - hcfree (device_name_chksum_amp_mp); - // some algorithm collide too fast, make that impossible if (user_options->benchmark == true) From e133bd4ec48fe0aea6d7725d68b15e1e09131375 Mon Sep 17 00:00:00 2001 From: Jukka Ojanen Date: Mon, 5 Jul 2021 19:05:10 +0300 Subject: [PATCH 5/6] Change rc_board_name_amd initial value to CL_INVALID_VALUE. If CHECK_BOARD_NAME_AMD is changed to 0, there is a problem with CL_SUCCESS which equals to 0, device will be skipped. --- src/backend.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/backend.c b/src/backend.c index 3a0ef0c09..07af4085e 100644 --- a/src/backend.c +++ b/src/backend.c @@ -6142,7 +6142,7 @@ int backend_ctx_devices_init (hashcat_ctx_t *hashcat_ctx, const int comptime) #define CHECK_BOARD_NAME_AMD 1 - cl_int rc_board_name_amd = 0; + cl_int rc_board_name_amd = CL_INVALID_VALUE; if (CHECK_BOARD_NAME_AMD) { From a0eaefa0c2587b1bbb9ffa59f76d9dc5aa401e02 Mon Sep 17 00:00:00 2001 From: Jukka Ojanen Date: Mon, 5 Jul 2021 20:20:51 +0300 Subject: [PATCH 6/6] Missing whitespaces --- src/backend.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/backend.c b/src/backend.c index 07af4085e..8896c74ef 100644 --- a/src/backend.c +++ b/src/backend.c @@ -7827,8 +7827,8 @@ static bool load_kernel (hashcat_ctx_t *hashcat_ctx, hc_device_param_t *device_p const int rc_nvrtcCompileProgram = hc_nvrtcCompileProgram (hashcat_ctx, program, num_options, (const char * const *) nvrtc_options); - hcfree(nvrtc_options_string); - hcfree(nvrtc_options); + hcfree (nvrtc_options_string); + hcfree (nvrtc_options); size_t build_log_size = 0; @@ -8065,7 +8065,7 @@ static bool load_kernel (hashcat_ctx_t *hashcat_ctx, hc_device_param_t *device_p if (rc_clGetProgramBuildInfo == -1) { - hcfree(build_log); + hcfree (build_log); return false; }