From d366a93bb33c5c0800b522598e58e3ff2b25571a Mon Sep 17 00:00:00 2001
From: philsmd
Date: Tue, 14 Feb 2017 17:54:18 +0100
Subject: [PATCH] we always need to check for NULL after strchr ()

---
 src/interface.c | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/src/interface.c b/src/interface.c
index bef3835c0..beacdd9cb 100644
--- a/src/interface.c
+++ b/src/interface.c
@@ -7448,6 +7448,8 @@ int des_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf, MAYBE_UNUSED
 
   u8 *salt_pos = (u8 *) strchr ((const char *) digest_pos, ':');
 
+  if (salt_pos == NULL) return (PARSER_SEPARATOR_UNMATCHED);
+
   if (input_buf[16] != hashconfig->separator) return (PARSER_SEPARATOR_UNMATCHED);
 
   u32 salt_len = salt_pos - digest_pos;
@@ -8022,6 +8024,8 @@ int juniper_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf, MAYBE_UN
 
   u8 *hash_pos = (u8 *) strchr ((const char *) salt_pos, '$'); // or simply salt_pos + 8
 
+  if (hash_pos == NULL) return (PARSER_SEPARATOR_UNMATCHED);
+
   salt->salt_len = hash_pos - salt_pos; // should be 8
 
   memcpy ((u8 *) salt->salt_buf, salt_pos, salt->salt_len);
@@ -10544,6 +10548,8 @@ int postgresql_auth_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf,
 
   u8 *hash_pos = (u8 *) strchr ((const char *) salt_pos, '*');
 
+  if (hash_pos == NULL) return (PARSER_SEPARATOR_UNMATCHED);
+
   hash_pos++;
 
   u32 hash_len = input_len - (hash_pos - input_buf);
@@ -12670,6 +12676,8 @@ int keepass_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf, MAYBE_UN
 {
   u8 *keyfile_len_pos = (u8 *) strchr ((const char *) keyfile_inline_pos, '*');
 
+  if (keyfile_len_pos == NULL) return (PARSER_SALT_LENGTH);
+
   keyfile_len_pos++;
 
   int keyfile_len = atoi ((const char *) keyfile_len_pos);
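Review bot: The new NULL check guards a `strchr` for a literal ':' while the very next line compares `input_buf[16]` against `hashconfig->separator`, so whenever the separator is configured as anything other than ':' the hunk now rejects a well-formed line with PARSER_SEPARATOR_UNMATCHED before the real separator test ever runs. Either search for the configured character, `u8 *salt_pos = (u8 *) strchr ((const char *) digest_pos, hashconfig->separator);`, or, since the separator offset is pinned to 16 by the check below, drop the search and set `salt_pos = input_buf + 16;` after that check, which also makes `salt_len` a constant rather than a value derived from the first ':' anywhere in the line. Whether `input_len` was bounded to at least 17 before `input_buf[16]` is read is not visible here and presumably happens earlier. des_parse_hash starts and ends outside the hunk.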
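Review bot: `salt->salt_len` is taken from the distance to the first '$' and handed straight to `memcpy` into `salt->salt_buf` with no bound, so a line whose '$' sits further from `salt_pos` than the salt buffer holds would write past it; the comment already says the length `// should be 8`, so enforce that before the copy: `if (salt->salt_len != 8) return (PARSER_SALT_LENGTH);`. If an overall line-length limit earlier in juniper_parse_hash already caps the distance this is belt-and-braces, but that limit is not visible in the hunk and the copy length should not depend on it. The function starts and ends outside the hunk.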
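Review bot: After `hash_pos++` the pointer may sit on the terminating NUL when '*' is the last character of the line, which makes `hash_len` zero, and the hunk shows no check on `hash_len` before it is used. If the code that follows compares `hash_len` with the expected digest length this is already covered; otherwise guard it right after the computation, e.g. `if (hash_len == 0) return (PARSER_SEPARATOR_UNMATCHED);`. The subtraction also assumes `input_len` equals the NUL-terminated length that `strchr` walked, which is presumably guaranteed by the caller but worth a comment. postgresql_auth_parse_hash starts and ends outside the hunk.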
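Review bot: `atoi` on the bytes after '*' accepts a leading sign and silently yields 0 for non-digits, so `keyfile_len` can be negative or zero here with no validation visible in the hunk; if it sizes a later read or copy of the inline key-file data, check it immediately, e.g. `if (keyfile_len < 0) return (PARSER_SALT_LENGTH);` (tighten to `<= 0` if an empty key file is not legal), or parse with `strtol` and reject trailing junk. Also, this hunk returns PARSER_SALT_LENGTH for a missing delimiter whereas the three sibling hunks return PARSER_SEPARATOR_UNMATCHED for the same condition; unless the key-file block is deliberately counted as salt, the latter reads more consistently. keepass_parse_hash starts and ends outside the hunk.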