arno/hashcat
1
0
Fork 0
mirror of https://github.com/hashcat/hashcat.git synced 2024-11-22 16:18:09 +00:00
Code Issues Releases Wiki Activity

fixed base64_decode () input length validation for -m 8900

Browse Source
This commit is contained in:
philsmd 2016-03-29 09:49:05 +02:00
parent c4e6ffc346
commit 9b75b245d5
2 changed files with 9 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
docs/changes.txt
View File

@ -175,6 +175,10 @@ Type.: Bug
File.: Host
Desc.: Fixed some checks in the parser of -m 5600 = NetNTLMv2
Type.: Bug
File.: Host
Desc.: Fixed some checks in the parser of -m 8900 = scrypt
* changes v2.00 -> v2.01:
Type.: Bug

6
src/shared.c
View File

@ -14688,9 +14688,13 @@ int scrypt_parse_hash (char *input_buf, uint input_len, hash_t *hash_buf)
// base64 decode
int salt_len_base64 = hash_pos - saltbuf_pos;
if (salt_len_base64 > 45) return (PARSER_SALT_LENGTH);
u8 tmp_buf[33] = { 0 };
int tmp_len = base64_decode (base64_to_int, (const u8 *) saltbuf_pos, hash_pos - saltbuf_pos, tmp_buf);
int tmp_len = base64_decode (base64_to_int, (const u8 *) saltbuf_pos, salt_len_base64, tmp_buf);
char *salt_buf_ptr = (char *) salt->salt_buf;