1
0
mirror of https://github.com/hashcat/hashcat.git synced 2024-12-28 01:18:35 +00:00
Commit Graph

1578 Commits

Author SHA1 Message Date
jsteube
7858f37800 Fix for CID 1402403 2017-02-15 13:27:33 +01:00
jsteube
e47932262d Fix uint datatype (should be u32) 2017-02-15 13:26:02 +01:00
philsmd
6eaa7e3741
tainted string fix: check some lower/upper bounds of the strings 2017-02-15 13:19:53 +01:00
philsmd
98129da7dc
add dummy check around hashcat_get_status () within inner2_loop to make coverity happy 2017-02-15 12:57:18 +01:00
philsmd
fe33957303
rule engine: prevent integer underflow and dead code 2017-02-15 12:41:32 +01:00
jsteube
b4bfade4ec Merge branch 'master' of https://github.com/hashcat/hashcat 2017-02-15 12:36:09 +01:00
jsteube
b381b38fd8 Fix CID 1402374 2017-02-15 12:36:03 +01:00
philsmd
1a0b1cd144
cpu MD5: use smaller than (<) instead of != to make coverity happy 2017-02-15 12:11:18 +01:00
jsteube
8b28940630 Merge branch 'master' of https://github.com/hashcat/hashcat 2017-02-15 12:09:30 +01:00
jsteube
104958af2d Fix CID 1402413 2017-02-15 12:09:14 +01:00
philsmd
12517f1b7a
typo: don't add URI_prefix_len and URI_suffix_len twice 2017-02-15 11:50:35 +01:00
philsmd
02480f906a
prevent buffer overflow in case of OPTS_TYPE_ST_ADD80 and/or OPTS_TYPE_ST_ADD01 2017-02-15 11:33:52 +01:00
philsmd
0993f2e748
fixed maximum salt_len for pbkdf2 buffers 2017-02-14 22:05:47 +01:00
philsmd
54915e4d7b
minor: do not use UINT_MAX as upper bound for the salt_len 2017-02-14 21:54:49 +01:00
philsmd
f351461ecd
max esalt_buf for sip fixed: we also need to append 0x80 2017-02-14 21:45:18 +01:00
jsteube
be3ce44f75 Fix CID 1402444 (#1 of 1): Out-of-bounds read 2017-02-14 21:40:11 +01:00
philsmd
056d1f3da4 minor: use 2 distinct return value to avoid dead code detections 2017-02-14 21:24:45 +01:00
jsteube
f61788eac1 Merge branch 'master' of https://github.com/hashcat/hashcat 2017-02-14 21:22:04 +01:00
jsteube
0642639b81 CID 1402417 (#1 of 1): Division or modulo by float zero 2017-02-14 21:21:24 +01:00
philsmd
1f88ae42ef
dead code: hash_len is always > 0 at this location 2017-02-14 21:09:04 +01:00
jsteube
ed772a02a4 Check for at least one active OpenCL device before running weak-hash-check 2017-02-14 21:05:44 +01:00
philsmd
9ed93fcce9
dead code: here we do not need to check for NULL 2017-02-14 21:01:52 +01:00
jsteube
6bcfca26b3 Fix CID 1402873: Dereference before null check 2017-02-14 20:53:42 +01:00
philsmd
f535eb2bd0
always check the input for NULL before the strtok_r () calls 2017-02-14 20:46:03 +01:00
Jens Steube
f9bbd42b4a Merge pull request #1092 from philsmd/master
fix our usage of strtok_r (), it was not 100% correct
2017-02-14 20:12:18 +01:00
philsmd
12047861c5
also double-check input/output of strtok_r () 2017-02-14 20:07:49 +01:00
jsteube
4b3d39623c Restore: Add some checks on the rd->cwd variable in restore case 2017-02-14 20:05:44 +01:00
jsteube
b2dbd22979 Moved datatype from double to u32 in autotune.c as this makes no difference 2017-02-14 19:51:49 +01:00
philsmd
a82f6fb77c
our usage of strtok_r () was not totally correct (but almost) 2017-02-14 19:48:07 +01:00
philsmd
e5ecbb9a59
minor: within parse_and_store_salt () do the initialization of the buffer at the very start 2017-02-14 19:30:36 +01:00
Jens Steube
33da74f6db Merge pull request #1090 from philsmd/pr/hwmon_step_fix
minor: the step value should never be zero
2017-02-14 19:25:46 +01:00
philsmd
5ea1bd2a99
minor: the step value should never be zero 2017-02-14 19:22:51 +01:00
philsmd
05f8abdbe7
minor: useless code (since we removed the swaps) 2017-02-14 19:17:45 +01:00
philsmd
f87c65d081
minor: check return value of hc_stat () and use fclose () in case of error 2017-02-14 19:12:24 +01:00
philsmd
7818712090
minor: check for return value of sscanf () within the zip2 parse function 2017-02-14 18:58:25 +01:00
philsmd
9efc429928
dead code: in office parse functions 2017-02-14 18:49:35 +01:00
philsmd
94a37157c1
dead code: both hashes_avail and hash_len can't be 0 here 2017-02-14 18:33:53 +01:00
philsmd
4eadbf221e
dead code: already implied length within the android fde parsing function 2017-02-14 18:25:20 +01:00
philsmd
8fa361dffa
dead code: already implied length within the android fde parsing function 2017-02-14 18:22:46 +01:00
jsteube
d069c980d0 Testfix for CID 1402439 (#1 of 1): Out-of-bounds read 2017-02-14 18:07:33 +01:00
jsteube
958ca90132 Test failed to workaround coverity false-positive 2017-02-14 17:59:23 +01:00
Jens Steube
b682091155 Merge pull request #1082 from philsmd/master
we always need to check for NULL after strchr ()
2017-02-14 17:55:37 +01:00
jsteube
231592101e Test commit to workaround coverity false-positive 2017-02-14 17:54:36 +01:00
philsmd
d366a93bb3
we always need to check for NULL after strchr () 2017-02-14 17:54:18 +01:00
philsmd
49ba6cb05d
-m 13100 = Kerberos 5 TGS-REP: parser failed to correctly verify the hash 2017-02-14 17:45:05 +01:00
philsmd
6915bfad8b
keyfiles: for VeraCrypt/TrueCrypt keyfiles we need to free the memory in case of errors 2017-02-14 17:32:39 +01:00
philsmd
23368c7304
fix: added additional fclose () whenever an hash parsing error occurs 2017-02-14 17:22:52 +01:00
jsteube
906bcf52f9 CID 1402488 (#1 of 1): Resource leak 2017-02-14 17:18:57 +01:00
jsteube
7f3d107129 Fixed pointer to local outside scope in case -j or -k is used 2017-02-14 17:13:36 +01:00
Jens Steube
a3efaa219c Merge pull request #1078 from philsmd/master
if fstat () fails we shouldn't forget to close the file
2017-02-14 17:08:25 +01:00