1
0
mirror of https://github.com/hashcat/hashcat.git synced 2024-12-23 07:08:19 +00:00

Fixed out-of-boundary write in slow candidates mode in combinator attack

This commit is contained in:
Jens Steube 2021-06-24 12:15:41 +02:00
parent 28c08de9ef
commit 1a4758da83
2 changed files with 8 additions and 2 deletions

View File

@ -17,6 +17,7 @@
- Fixed false negative in hash-mode 15900 (DPAPI masterkey file v2) if password was longer than 64 characters
- Fixed hashcat_ctx leak and refactor module and kernel existence checks
- Fixed integer overflow in Recovered/Time status view column caused by division > 0 but < 1
- Fixed out-of-boundary write in slow candidates mode in combinator attack
##
## Features

View File

@ -313,11 +313,16 @@ void slow_candidates_next (hashcat_ctx_t *hashcat_ctx, void *extra_info)
break;
}
memcpy (extra_info_combi->out_buf + extra_info_combi->out_len, line_buf, line_len);
// this can overflow so we move it up
extra_info_combi->out_len += line_len;
memset (extra_info_combi->out_buf + extra_info_combi->out_len, 0, sizeof (extra_info_combi->out_buf) - extra_info_combi->out_len);
if (extra_info_combi->out_len <= sizeof (extra_info_combi->out_buf))
{
memcpy (extra_info_combi->out_buf + extra_info_combi->out_len, line_buf, line_len);
memset (extra_info_combi->out_buf + extra_info_combi->out_len, 0, sizeof (extra_info_combi->out_buf) - extra_info_combi->out_len);
}
extra_info_combi->comb_pos_prev = extra_info_combi->comb_pos;