mirror of https://github.com/hashcat/hashcat.git synced 2025-01-13 17:21:10 +00:00

Fixed out-of-boundary read in input_tokenizer() if the signatures in the hash line is longer than the constant signature in the plugin

Jens Steube 2021-08-01 10:21:21 +02:00
parent f4e52ca533
commit 6bcbc218d6
2 changed files with 2 additions and 1 deletions


@ -14,6 +14,7 @@
- Fixed autotune unitialized tmps variable for slow hashes by calling _init kernel before calling _loop kernel
- Fixed datatype in function sha384_hmac_init_vector_128() that could come into effect if vector datatype was manually set
- Fixed false negative in all VeraCrypt hash-modes if both conditions are met: 1. use CPU for cracking and 2. PIM range was used
- Fixed out-of-boundary read in input_tokenizer() if the signature in the hash is longer than the length of the plugins' signature constant
##
## Improvements


@ -1181,7 +1181,7 @@ int input_tokenizer (const u8 *input_buf, const int input_len, token_t *token)
for (int signature_idx = 0; signature_idx < token->signatures_cnt; signature_idx++)
{
if (memcmp (token->buf[token_idx], token->signatures_buf[signature_idx], token->len[token_idx]) == 0) matched = true;
if (strncmp ((char *) token->buf[token_idx], token->signatures_buf[signature_idx], token->len[token_idx]) == 0) matched = true;
}
if (matched == false) return (PARSER_SIGNATURE_UNMATCHED);
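Review bot: The strncmp() comparison in the signature loop is bounded only by `token->len[token_idx]`, so a token that is shorter than the plugin's signature constant and equal to its prefix still sets `matched`, and the two lengths are never compared. Going by the commit title this is the new side of the change; it ends the over-read because strncmp() stops at the constant's terminator, but it leaves prefix matching in place. An explicit length check would state the intent and keep the read in bounds: `const size_t sig_len = strlen (token->signatures_buf[signature_idx]);` followed by `if ((size_t) token->len[token_idx] == sig_len && memcmp (token->buf[token_idx], token->signatures_buf[signature_idx], sig_len) == 0) matched = true;`. Whether a shorter token can reach this loop depends on how the token was delimited earlier in input_tokenizer(), which starts and ends outside the hunk, so confirm that no plugin relies on prefix matching before tightening it. A one-line comment above the comparison, such as `// strncmp, not memcmp: the signature constant may be shorter than the token`, would also keep the call from being turned back into memcmp() later.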