From c7ed2ade176b888172bda1765ba92677198208b7 Mon Sep 17 00:00:00 2001
From: Jens Steube
Date: Sun, 19 Mar 2017 20:41:50 +0100
Subject: [PATCH] Fixed a race condition when a session finishes the input-base was freed but accessed afterwards
Fixes https://github.com/hashcat/hashcat/issues/1192
---
 deps/OpenCL-Headers/CL | 2 +-
 docs/changes.txt | 3 ++-
 src/status.c | 22 +++++++++++-----------
 3 files changed, 14 insertions(+), 13 deletions(-)
diff --git a/deps/OpenCL-Headers/CL b/deps/OpenCL-Headers/CL
index bf0f43b76..42e7afe06 160000
--- a/deps/OpenCL-Headers/CL
+++ b/deps/OpenCL-Headers/CL
@@ -1 +1 @@
-Subproject commit bf0f43b76f4556c3d5717f8ba8a01216b27f4af7
+Subproject commit 42e7afe066a67107c2236b86c9864a472f8eead8
diff --git a/docs/changes.txt b/docs/changes.txt
index ca8b5c25e..b5e4c5e7a 100644
--- a/docs/changes.txt
+++ b/docs/changes.txt
@@ -22,7 +22,8 @@
 - Fixed a problem where --stdout combined with custom charsets incorrectly displayed an error message
 - Fixed a typo that resulted in the minimum password length not being correctly initialized
 - Fixed a problem with parsing and displaying -m 7000 = Fortigate (FortiOS) hashes
-- Fixed --remove was not applied in case all hashes have been cracked by help of potfile or weak-hash check
+- Fixed --remove was not applied in case all hashes have been cracked by potfile or weak-hash check
+- Fixed a race condition when a session finishes the input-base was freed but accessed afterwards
 ##
 ## Technical
diff --git a/src/status.c b/src/status.c
index 5b534fd90..468f01973 100644
--- a/src/status.c
+++ b/src/status.c
@@ -188,7 +188,7 @@ char *status_get_session (const hashcat_ctx_t *hashcat_ctx)
 {
 const user_options_t *user_options = hashcat_ctx->user_options;
- return user_options->session;
+ return strdup (user_options->session);
 }
 char *status_get_status_string (const hashcat_ctx_t *hashcat_ctx)
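Review bot: status_get_session() now returns a heap copy that the caller must free(), but the diffstat lists no source file other than src/status.c, so any call site outside that file is unchanged by this commit and will leak one string per status refresh if it still treats the value as borrowed. The same ownership change applies to status_get_input_base() and status_get_input_mod() in the later hunks. I would state the contract at each definition, e.g. `/* returns a malloc'd copy, or NULL; the caller frees it */`, and audit the callers against it. strdup() can also fail and return NULL, which in the other two functions is indistinguishable from their existing `return NULL;` path, so callers that format the result need to tolerate NULL.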
@@ -436,7 +436,7 @@ char *status_get_input_base (const hashcat_ctx_t *hashcat_ctx)
 {
 const straight_ctx_t *straight_ctx = hashcat_ctx->straight_ctx;
- return straight_ctx->dict;
+ return strdup (straight_ctx->dict);
 }
 else if (user_options->attack_mode == ATTACK_MODE_COMBI)
 {
@@ -444,30 +444,30 @@ char *status_get_input_base (const hashcat_ctx_t *hashcat_ctx)
 if (combinator_ctx->combs_mode == COMBINATOR_MODE_BASE_LEFT)
 {
- return combinator_ctx->dict1;
+ return strdup (combinator_ctx->dict1);
 }
 else
 {
- return combinator_ctx->dict2;
+ return strdup (combinator_ctx->dict2);
 }
 }
 else if (user_options->attack_mode == ATTACK_MODE_BF)
 {
 const mask_ctx_t *mask_ctx = hashcat_ctx->mask_ctx;
- return mask_ctx->mask;
+ return strdup (mask_ctx->mask);
 }
 else if (user_options->attack_mode == ATTACK_MODE_HYBRID1)
 {
 const straight_ctx_t *straight_ctx = hashcat_ctx->straight_ctx;
- return straight_ctx->dict;
+ return strdup (straight_ctx->dict);
 }
 else if (user_options->attack_mode == ATTACK_MODE_HYBRID2)
 {
 const straight_ctx_t *straight_ctx = hashcat_ctx->straight_ctx;
- return straight_ctx->dict;
+ return strdup (straight_ctx->dict);
 }
 return NULL;
@@ -569,11 +569,11 @@ char *status_get_input_mod (const hashcat_ctx_t *hashcat_ctx)
 if (combinator_ctx->combs_mode == COMBINATOR_MODE_BASE_LEFT)
 {
- return combinator_ctx->dict2;
+ return strdup (combinator_ctx->dict2);
 }
 else
 {
- return combinator_ctx->dict1;
+ return strdup (combinator_ctx->dict1);
 }
 }
 else if (user_options->attack_mode == ATTACK_MODE_BF)
@@ -584,13 +584,13 @@ char *status_get_input_mod (const hashcat_ctx_t *hashcat_ctx)
 {
 const mask_ctx_t *mask_ctx = hashcat_ctx->mask_ctx;
- return mask_ctx->mask;
+ return strdup (mask_ctx->mask);
 }
 else if (user_options->attack_mode == ATTACK_MODE_HYBRID2)
 {
 const mask_ctx_t *mask_ctx = hashcat_ctx->mask_ctx;
- return mask_ctx->mask;
+ return strdup (mask_ctx->mask);
 }
 return NULL;
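Review bot: `strdup (straight_ctx->dict)` still reads the string through the shared context with no visible synchronization, so the copy narrows the use-after-free window named in the commit message rather than closing it; if teardown frees the buffer while strdup() is scanning it, the read is still on freed memory. The same applies to the `combinator_ctx->dict1`/`dict2` and `mask_ctx->mask` copies in the hunks at -444, -569 and -584; the function openings and the free site are outside these hunks, so I cannot tell whether some ordering already prevents it. If nothing does, the copy should be taken under the same lock or state check that guards the free. Separately, strdup() on a null pointer is undefined behaviour, so if any of these fields can be unset when status is queried (not visible here), each copy needs a guard such as `if (straight_ctx->dict == NULL) return NULL;` first.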