mirror of
https://github.com/hashcat/hashcat.git
synced 2024-11-22 16:18:09 +00:00
Merge pull request #3260 from philsmd/philsmd-rp-memleak
fixes #3253: memory leak in CPU rule engine fixed
This commit is contained in:
Jens Steube
GitHub
commit
8ad2f176ff
@ -44,6 +44,7 @@
|
|||||||
- Fixed handling of devices in benchmark mode for "kernel build error". Instead of canceling, skip the device and move on to the next
|
- Fixed handling of devices in benchmark mode for "kernel build error". Instead of canceling, skip the device and move on to the next
|
||||||
- Fixed handling of password candidates that are shorter than the minimum password length in Association Attack
|
- Fixed handling of password candidates that are shorter than the minimum password length in Association Attack
|
||||||
- Fixed --hash-info example password output: force uppercase if OPTS_TYPE_PT_UPPER is set
|
- Fixed --hash-info example password output: force uppercase if OPTS_TYPE_PT_UPPER is set
|
||||||
|
- Fixed memory leak in CPU rule engine
|
||||||
- Fixed method of how OPTS_TYPE_AUX* kernels are called in an association attack, for example in WPA/WPA2 kernel
|
- Fixed method of how OPTS_TYPE_AUX* kernels are called in an association attack, for example in WPA/WPA2 kernel
|
||||||
- Fixed missing option flag OPTS_TYPE_SUGGEST_KG for hash-mode 11600 to inform the user about possible false positives in this mode
|
- Fixed missing option flag OPTS_TYPE_SUGGEST_KG for hash-mode 11600 to inform the user about possible false positives in this mode
|
||||||
- Fixed optimized (-O) candidate generation with --stdout and -a 7
|
- Fixed optimized (-O) candidate generation with --stdout and -a 7
|
||||||
|
|||||||
44
src/rp_cpu.c
44
src/rp_cpu.c
@ -531,6 +531,8 @@ int _old_apply_rule (const char *rule, int rule_len, char in[RP_PASSWORD_SIZE],
|
|||||||
|
|
||||||
char *rule_new = (char *) hcmalloc (rule_len);
|
char *rule_new = (char *) hcmalloc (rule_len);
|
||||||
|
|
||||||
|
#define HCFREE_AND_RETURN(x) { hcfree (rule_new); return (x); }
|
||||||
|
|
||||||
int rule_len_new = 0;
|
int rule_len_new = 0;
|
||||||
|
|
||||||
int rule_pos;
|
int rule_pos;
|
||||||
@ -794,26 +796,26 @@ int _old_apply_rule (const char *rule, int rule_len, char in[RP_PASSWORD_SIZE],
|
|||||||
break;
|
break;
|
||||||
|
|
||||||
case RULE_OP_MANGLE_EXTRACT_MEMORY:
|
case RULE_OP_MANGLE_EXTRACT_MEMORY:
|
||||||
if (mem_len < 1) return (RULE_RC_REJECT_ERROR);
|
if (mem_len < 1) HCFREE_AND_RETURN (RULE_RC_REJECT_ERROR);
|
||||||
NEXT_RULEPOS (rule_pos);
|
NEXT_RULEPOS (rule_pos);
|
||||||
NEXT_RPTOI (rule_new, rule_pos, upos);
|
NEXT_RPTOI (rule_new, rule_pos, upos);
|
||||||
NEXT_RULEPOS (rule_pos);
|
NEXT_RULEPOS (rule_pos);
|
||||||
NEXT_RPTOI (rule_new, rule_pos, ulen);
|
NEXT_RPTOI (rule_new, rule_pos, ulen);
|
||||||
NEXT_RULEPOS (rule_pos);
|
NEXT_RULEPOS (rule_pos);
|
||||||
NEXT_RPTOI (rule_new, rule_pos, upos2);
|
NEXT_RPTOI (rule_new, rule_pos, upos2);
|
||||||
if ((out_len = mangle_insert_multi (out, out_len, upos2, mem, mem_len, upos, ulen)) < 1) return (out_len);
|
if ((out_len = mangle_insert_multi (out, out_len, upos2, mem, mem_len, upos, ulen)) < 1) HCFREE_AND_RETURN (out_len);
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case RULE_OP_MANGLE_APPEND_MEMORY:
|
case RULE_OP_MANGLE_APPEND_MEMORY:
|
||||||
if (mem_len < 1) return (RULE_RC_REJECT_ERROR);
|
if (mem_len < 1) HCFREE_AND_RETURN (RULE_RC_REJECT_ERROR);
|
||||||
if ((out_len + mem_len) >= RP_PASSWORD_SIZE) return (RULE_RC_REJECT_ERROR);
|
if ((out_len + mem_len) >= RP_PASSWORD_SIZE) HCFREE_AND_RETURN (RULE_RC_REJECT_ERROR);
|
||||||
memcpy (out + out_len, mem, mem_len);
|
memcpy (out + out_len, mem, mem_len);
|
||||||
out_len += mem_len;
|
out_len += mem_len;
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case RULE_OP_MANGLE_PREPEND_MEMORY:
|
case RULE_OP_MANGLE_PREPEND_MEMORY:
|
||||||
if (mem_len < 1) return (RULE_RC_REJECT_ERROR);
|
if (mem_len < 1) HCFREE_AND_RETURN (RULE_RC_REJECT_ERROR);
|
||||||
if ((mem_len + out_len) >= RP_PASSWORD_SIZE) return (RULE_RC_REJECT_ERROR);
|
if ((mem_len + out_len) >= RP_PASSWORD_SIZE) HCFREE_AND_RETURN (RULE_RC_REJECT_ERROR);
|
||||||
memcpy (mem + mem_len, out, out_len);
|
memcpy (mem + mem_len, out, out_len);
|
||||||
out_len += mem_len;
|
out_len += mem_len;
|
||||||
memcpy (out, mem, out_len);
|
memcpy (out, mem, out_len);
|
||||||
@ -827,24 +829,24 @@ int _old_apply_rule (const char *rule, int rule_len, char in[RP_PASSWORD_SIZE],
|
|||||||
case RULE_OP_REJECT_LESS:
|
case RULE_OP_REJECT_LESS:
|
||||||
NEXT_RULEPOS (rule_pos);
|
NEXT_RULEPOS (rule_pos);
|
||||||
NEXT_RPTOI (rule_new, rule_pos, upos);
|
NEXT_RPTOI (rule_new, rule_pos, upos);
|
||||||
if (out_len > upos) return (RULE_RC_REJECT_ERROR);
|
if (out_len > upos) HCFREE_AND_RETURN (RULE_RC_REJECT_ERROR);
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case RULE_OP_REJECT_GREATER:
|
case RULE_OP_REJECT_GREATER:
|
||||||
NEXT_RULEPOS (rule_pos);
|
NEXT_RULEPOS (rule_pos);
|
||||||
NEXT_RPTOI (rule_new, rule_pos, upos);
|
NEXT_RPTOI (rule_new, rule_pos, upos);
|
||||||
if (out_len < upos) return (RULE_RC_REJECT_ERROR);
|
if (out_len < upos) HCFREE_AND_RETURN (RULE_RC_REJECT_ERROR);
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case RULE_OP_REJECT_EQUAL:
|
case RULE_OP_REJECT_EQUAL:
|
||||||
NEXT_RULEPOS (rule_pos);
|
NEXT_RULEPOS (rule_pos);
|
||||||
NEXT_RPTOI (rule_new, rule_pos, upos);
|
NEXT_RPTOI (rule_new, rule_pos, upos);
|
||||||
if (out_len != upos) return (RULE_RC_REJECT_ERROR);
|
if (out_len != upos) HCFREE_AND_RETURN (RULE_RC_REJECT_ERROR);
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case RULE_OP_REJECT_CONTAIN:
|
case RULE_OP_REJECT_CONTAIN:
|
||||||
NEXT_RULEPOS (rule_pos);
|
NEXT_RULEPOS (rule_pos);
|
||||||
if (strchr (out, rule_new[rule_pos]) != NULL) return (RULE_RC_REJECT_ERROR);
|
if (strchr (out, rule_new[rule_pos]) != NULL) HCFREE_AND_RETURN (RULE_RC_REJECT_ERROR);
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case RULE_OP_REJECT_NOT_CONTAIN:
|
case RULE_OP_REJECT_NOT_CONTAIN:
|
||||||
@ -857,33 +859,33 @@ int _old_apply_rule (const char *rule, int rule_len, char in[RP_PASSWORD_SIZE],
|
|||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
return (RULE_RC_REJECT_ERROR);
|
HCFREE_AND_RETURN (RULE_RC_REJECT_ERROR);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case RULE_OP_REJECT_EQUAL_FIRST:
|
case RULE_OP_REJECT_EQUAL_FIRST:
|
||||||
NEXT_RULEPOS (rule_pos);
|
NEXT_RULEPOS (rule_pos);
|
||||||
if (out[0] != rule_new[rule_pos]) return (RULE_RC_REJECT_ERROR);
|
if (out[0] != rule_new[rule_pos]) HCFREE_AND_RETURN (RULE_RC_REJECT_ERROR);
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case RULE_OP_REJECT_EQUAL_LAST:
|
case RULE_OP_REJECT_EQUAL_LAST:
|
||||||
NEXT_RULEPOS (rule_pos);
|
NEXT_RULEPOS (rule_pos);
|
||||||
if (out[out_len - 1] != rule_new[rule_pos]) return (RULE_RC_REJECT_ERROR);
|
if (out[out_len - 1] != rule_new[rule_pos]) HCFREE_AND_RETURN (RULE_RC_REJECT_ERROR);
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case RULE_OP_REJECT_EQUAL_AT:
|
case RULE_OP_REJECT_EQUAL_AT:
|
||||||
NEXT_RULEPOS (rule_pos);
|
NEXT_RULEPOS (rule_pos);
|
||||||
NEXT_RPTOI (rule_new, rule_pos, upos);
|
NEXT_RPTOI (rule_new, rule_pos, upos);
|
||||||
if ((upos + 1) > out_len) return (RULE_RC_REJECT_ERROR);
|
if ((upos + 1) > out_len) HCFREE_AND_RETURN (RULE_RC_REJECT_ERROR);
|
||||||
NEXT_RULEPOS (rule_pos);
|
NEXT_RULEPOS (rule_pos);
|
||||||
if (out[upos] != rule_new[rule_pos]) return (RULE_RC_REJECT_ERROR);
|
if (out[upos] != rule_new[rule_pos]) HCFREE_AND_RETURN (RULE_RC_REJECT_ERROR);
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case RULE_OP_REJECT_CONTAINS:
|
case RULE_OP_REJECT_CONTAINS:
|
||||||
NEXT_RULEPOS (rule_pos);
|
NEXT_RULEPOS (rule_pos);
|
||||||
NEXT_RPTOI (rule_new, rule_pos, upos);
|
NEXT_RPTOI (rule_new, rule_pos, upos);
|
||||||
if ((upos + 1) > out_len) return (RULE_RC_REJECT_ERROR);
|
if ((upos + 1) > out_len) HCFREE_AND_RETURN (RULE_RC_REJECT_ERROR);
|
||||||
NEXT_RULEPOS (rule_pos);
|
NEXT_RULEPOS (rule_pos);
|
||||||
int c; int cnt;
|
int c; int cnt;
|
||||||
for (c = 0, cnt = 0; c < out_len && cnt < upos; c++)
|
for (c = 0, cnt = 0; c < out_len && cnt < upos; c++)
|
||||||
@ -895,23 +897,23 @@ int _old_apply_rule (const char *rule, int rule_len, char in[RP_PASSWORD_SIZE],
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if (cnt < upos) return (RULE_RC_REJECT_ERROR);
|
if (cnt < upos) HCFREE_AND_RETURN (RULE_RC_REJECT_ERROR);
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case RULE_OP_REJECT_MEMORY:
|
case RULE_OP_REJECT_MEMORY:
|
||||||
if ((out_len == mem_len) && (memcmp (out, mem, out_len) == 0)) return (RULE_RC_REJECT_ERROR);
|
if ((out_len == mem_len) && (memcmp (out, mem, out_len) == 0)) HCFREE_AND_RETURN (RULE_RC_REJECT_ERROR);
|
||||||
break;
|
break;
|
||||||
|
|
||||||
default:
|
default:
|
||||||
return (RULE_RC_SYNTAX_ERROR);
|
HCFREE_AND_RETURN (RULE_RC_SYNTAX_ERROR);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
memset (out + out_len, 0, RP_PASSWORD_SIZE - out_len);
|
memset (out + out_len, 0, RP_PASSWORD_SIZE - out_len);
|
||||||
|
|
||||||
hcfree (rule_new);
|
HCFREE_AND_RETURN (out_len);
|
||||||
|
|
||||||
return (out_len);
|
#undef HCFREE_AND_RETURN
|
||||||
}
|
}
|
||||||
|
|
||||||
int run_rule_engine (const int rule_len, const char *rule_buf)
|
int run_rule_engine (const int rule_len, const char *rule_buf)
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user