1
0
mirror of https://github.com/hashcat/hashcat.git synced 2024-11-14 11:48:57 +00:00

Fix access violation in hashconfig_destroy if hashcat_ctx_t is only partially initialized.

Fix hashcat_ctx leak and refactor module and kernel existence checks.
This commit is contained in:
Jukka Ojanen 2021-06-21 22:56:55 +03:00
parent 2c48bba62d
commit 6967e706c2
2 changed files with 45 additions and 49 deletions

View File

@ -495,20 +495,21 @@ void hashconfig_destroy (hashcat_ctx_t *hashcat_ctx)
}
}
if (hashconfig->hook_extra_param_size)
if (module_ctx->hook_extra_params)
{
const int hook_threads = (int) user_options->hook_threads;
for (int i = 0; i < hook_threads; i++)
if (hashconfig->hook_extra_param_size)
{
hcfree (module_ctx->hook_extra_params[i]);
}
const int hook_threads = (int) user_options->hook_threads;
hcfree (module_ctx->hook_extra_params);
}
else
{
hcfree (module_ctx->hook_extra_params[0]);
for (int i = 0; i < hook_threads; i++)
{
hcfree (module_ctx->hook_extra_params[i]);
}
}
else
{
hcfree (module_ctx->hook_extra_params[0]);
}
hcfree (module_ctx->hook_extra_params);
}

View File

@ -2845,27 +2845,6 @@ int user_options_check_files (hashcat_ctx_t *hashcat_ctx)
}
}
// single kernel and module existence check to detect "7z e" errors
char *modulefile = (char *) hcmalloc (HCBUFSIZ_TINY);
module_filename (folder_config, 0, modulefile, HCBUFSIZ_TINY);
if (hc_path_exist (modulefile) == false)
{
event_log_error (hashcat_ctx, "%s: %s", modulefile, strerror (errno));
event_log_warning (hashcat_ctx, "If you are using the hashcat binary package, this may be an extraction issue.");
event_log_warning (hashcat_ctx, "For example, using \"7z e\" instead of using \"7z x\".");
event_log_warning (hashcat_ctx, NULL);
hcfree (modulefile);
return -1;
}
hcfree (modulefile);
const bool quiet_save = user_options->quiet;
user_options->quiet = true;
@ -2874,31 +2853,47 @@ int user_options_check_files (hashcat_ctx_t *hashcat_ctx)
user_options->quiet = quiet_save;
if (rc == -1) return -1;
hashconfig_destroy (hashcat_ctx);
// same check but for an backend kernel
char *kernelfile = (char *) hcmalloc (HCBUFSIZ_TINY);
generate_source_kernel_filename (false, ATTACK_EXEC_OUTSIDE_KERNEL, ATTACK_KERN_STRAIGHT, 400, 0, folder_config->shared_dir, kernelfile);
if (hc_path_read (kernelfile) == false)
if (rc == -1)
{
event_log_error (hashcat_ctx, "%s: %s", kernelfile, strerror (errno));
// module existence check to detect "7z e" errors
event_log_warning (hashcat_ctx, "If you are using the hashcat binary package, this may be an extraction issue.");
event_log_warning (hashcat_ctx, "For example, using \"7z e\" instead of using \"7z x\".");
event_log_warning (hashcat_ctx, NULL);
const module_ctx_t* module_ctx = hashcat_ctx->module_ctx;
hcfree (kernelfile);
if (module_ctx->module_handle == NULL)
{
event_log_warning (hashcat_ctx, "If you are using the hashcat binary package, this may be an extraction issue.");
event_log_warning (hashcat_ctx, "For example, using \"7z e\" instead of using \"7z x\".");
event_log_warning (hashcat_ctx, NULL);
}
hashconfig_destroy (hashcat_ctx);
return -1;
}
else
{
// same check but for an backend kernel
hcfree (kernelfile);
const hashconfig_t* hashconfig = hashcat_ctx->hashconfig;
char kernelfile[HCBUFSIZ_TINY] = { 0 };
generate_source_kernel_filename (user_options->slow_candidates, hashconfig->attack_exec, user_options_extra->attack_kern, hashconfig->kern_type, hashconfig->opti_type & OPTI_TYPE_OPTIMIZED_KERNEL, folder_config->shared_dir, kernelfile);
hashconfig_destroy (hashcat_ctx);
if (hc_path_read (kernelfile) == false)
{
event_log_error (hashcat_ctx, "%s: %s", kernelfile, strerror(errno));
event_log_warning (hashcat_ctx, "If you are using the hashcat binary package, this may be an extraction issue.");
event_log_warning (hashcat_ctx, "For example, using \"7z e\" instead of using \"7z x\".");
event_log_warning (hashcat_ctx, NULL);
return -1;
}
}
// loopback - can't check at this point
// tuning file check already done