arno/hashcat
1
0
Fork 0
mirror of https://github.com/hashcat/hashcat.git synced 2025-08-01 03:18:17 +00:00
Code Issues Releases Wiki Activity

Fix buffer overflow in src/hashes.c

Browse Source
This commit is contained in:
Jens Steube 2020-01-13 14:40:52 +01:00
parent adbba513f6
commit 84209dd2ff
1 changed files with 5 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
src/hashes.c
View File

@ -330,22 +330,23 @@ void check_hash (hashcat_ctx_t *hashcat_ctx, hc_device_param_t *device_param, pl
// plain // plain
u8 plain_buf[256+1]; u8 plain_buf[0x1000]; // while the password itself can have only length 256, the module could encode it with something like base64 which inflates the requires buffer size
memset (plain_buf, 0, sizeof (plain_buf)); memset (plain_buf, 0, sizeof (plain_buf));
u8 *plain_ptr = plain_buf; u8 *plain_ptr = plain_buf;
int plain_len = 0; int plain_len = 0;
build_plain (hashcat_ctx, device_param, plain, (u32 *)plain_buf, &plain_len); build_plain (hashcat_ctx, device_param, plain, (u32 *) plain_buf, &plain_len);
if (module_ctx->module_build_plain_postprocess != MODULE_DEFAULT) if (module_ctx->module_build_plain_postprocess != MODULE_DEFAULT)
{ {
u8 temp_buf[256+1] = { 0 }; u8 temp_buf[0x1000];
memset (temp_buf, 0, sizeof (temp_buf)); memset (temp_buf, 0, sizeof (temp_buf));
const int temp_len = module_ctx->module_build_plain_postprocess (hashcat_ctx->hashconfig, hashcat_ctx->hashes, tmps, (u32 *)plain_buf, sizeof (plain_buf), plain_len, (u32 *)temp_buf, sizeof (temp_buf)); const int temp_len = module_ctx->module_build_plain_postprocess (hashcat_ctx->hashconfig, hashcat_ctx->hashes, tmps, (u32 *) plain_buf, sizeof (plain_buf), plain_len, (u32 *)temp_buf, sizeof (temp_buf));
if (temp_len < (int) sizeof (plain_buf)) if (temp_len < (int) sizeof (plain_buf))
{ {