From bc965c9c9b0f5fdd7844569cd35272c939d7cfc4 Mon Sep 17 00:00:00 2001 From: philsmd Date: Sun, 13 Mar 2016 15:57:53 +0100 Subject: [PATCH] fixed checks in -m 500 parser --- docs/changes.txt | 4 ++++ src/shared.c | 4 +++- 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/docs/changes.txt b/docs/changes.txt index 231117b04..5f40503bb 100644 --- a/docs/changes.txt +++ b/docs/changes.txt @@ -155,6 +155,10 @@ Type.: Bug File.: Host Desc.: Fixed some checks in the parser of -m 111 = nsldaps, SSHA-1(Base64), Netscape LDAP SSHA +Type.: Bug +File.: Host +Desc.: Fixed some checks in the parser of -m 500 = md5crypt, MD5(Unix), FreeBSD MD5, Cisco-IOS MD5 + * changes v2.00 -> v2.01: Type.: Bug diff --git a/src/shared.c b/src/shared.c index 9932806dd..5acd74a84 100644 --- a/src/shared.c +++ b/src/shared.c @@ -10272,6 +10272,8 @@ int phpass_parse_hash (char *input_buf, uint input_len, hash_t *hash_buf) int md5crypt_parse_hash (char *input_buf, uint input_len, hash_t *hash_buf) { + if (input_len < DISPLAY_LEN_MIN_500) return (PARSER_GLOBAL_LENGTH); + if (memcmp (SIGNATURE_MD5CRYPT, input_buf, 3)) return (PARSER_SIGNATURE_UNMATCHED); u32 *digest = (u32 *) hash_buf->digest; @@ -10304,7 +10306,7 @@ int md5crypt_parse_hash (char *input_buf, uint input_len, hash_t *hash_buf) salt->salt_iter = ROUNDS_MD5CRYPT; } - if ((input_len < DISPLAY_LEN_MIN_500) || (input_len > (DISPLAY_LEN_MAX_500 + iterations_len))) return (PARSER_GLOBAL_LENGTH); + if (input_len > (DISPLAY_LEN_MAX_500 + iterations_len)) return (PARSER_GLOBAL_LENGTH); char *hash_pos = strchr (salt_pos, '$');