1
0
mirror of https://github.com/hashcat/hashcat.git synced 2024-11-18 22:28:14 +00:00
Commit Graph

3548 Commits

Author SHA1 Message Date
Jens Steube
a07875e25d Merge pull request #1110 from hashcat/revert-1109-master
Revert "tainted string: maybe strdup () helps us out"
2017-02-15 14:17:58 +01:00
Jens Steube
899b120316 Revert "tainted string: maybe strdup () helps us out" 2017-02-15 14:17:48 +01:00
Jens Steube
ad24f5d2ed Merge pull request #1109 from philsmd/master
tainted string: maybe strdup () helps us out
2017-02-15 13:59:41 +01:00
philsmd
0ca0448bd9
tainted string: maybe strdup () helps us out 2017-02-15 13:57:07 +01:00
Jens Steube
add3ec6f54 Merge pull request #1108 from philsmd/master
tainted string: test number 2, try to limit the length of the compute variable
2017-02-15 13:49:03 +01:00
philsmd
d21fbe0b2f
tainted string: test #2, try to limit the length of the compute variable 2017-02-15 13:45:02 +01:00
jsteube
7858f37800 Fix for CID 1402403 2017-02-15 13:27:33 +01:00
jsteube
e47932262d Fix uint datatype (should be u32) 2017-02-15 13:26:02 +01:00
Jens Steube
3d632d9a42 Merge pull request #1107 from philsmd/master
tainted string fix: check some lower/upper bounds of the strings
2017-02-15 13:24:51 +01:00
philsmd
6eaa7e3741
tainted string fix: check some lower/upper bounds of the strings 2017-02-15 13:19:53 +01:00
Jens Steube
04ac71a36a Merge pull request #1106 from philsmd/master
add dummy check around hashcat_get_status () within inner2_loop
2017-02-15 13:02:07 +01:00
philsmd
98129da7dc
add dummy check around hashcat_get_status () within inner2_loop to make coverity happy 2017-02-15 12:57:18 +01:00
Jens Steube
aa8fa5ff6e Merge pull request #1105 from philsmd/master
rule engine: prevent integer underflow and dead code
2017-02-15 12:44:12 +01:00
philsmd
fe33957303
rule engine: prevent integer underflow and dead code 2017-02-15 12:41:32 +01:00
jsteube
b4bfade4ec Merge branch 'master' of https://github.com/hashcat/hashcat 2017-02-15 12:36:09 +01:00
jsteube
b381b38fd8 Fix CID 1402374 2017-02-15 12:36:03 +01:00
Jens Steube
09fc684ad1 Merge pull request #1104 from philsmd/master
cpu MD5: use smaller than (<) instead of != to make coverity happy
2017-02-15 12:25:58 +01:00
philsmd
1a0b1cd144
cpu MD5: use smaller than (<) instead of != to make coverity happy 2017-02-15 12:11:18 +01:00
jsteube
8b28940630 Merge branch 'master' of https://github.com/hashcat/hashcat 2017-02-15 12:09:30 +01:00
jsteube
104958af2d Fix CID 1402413 2017-02-15 12:09:14 +01:00
Jens Steube
5a637aab1b Merge pull request #1103 from philsmd/master
typo: don't add URI_prefix_len and URI_suffix_len twice
2017-02-15 11:53:21 +01:00
philsmd
12517f1b7a
typo: don't add URI_prefix_len and URI_suffix_len twice 2017-02-15 11:50:35 +01:00
Jens Steube
ae8f702fef Merge pull request #1102 from philsmd/master
prevent buffer overflow in case of OPTS_TYPE_ST_ADD80 and/or OPTS_TYPE_ST_ADD01
2017-02-15 11:43:27 +01:00
philsmd
02480f906a
prevent buffer overflow in case of OPTS_TYPE_ST_ADD80 and/or OPTS_TYPE_ST_ADD01 2017-02-15 11:33:52 +01:00
Jens Steube
8717672d00 Merge pull request #1099 from philsmd/master
fixed maximum salt_len for pbkdf2 buffers
2017-02-15 10:33:09 +01:00
philsmd
0993f2e748
fixed maximum salt_len for pbkdf2 buffers 2017-02-14 22:05:47 +01:00
Jens Steube
577303677c Merge pull request #1098 from philsmd/master
minor: do not use UINT_MAX as upper bound for the salt_len
2017-02-14 21:57:53 +01:00
philsmd
54915e4d7b
minor: do not use UINT_MAX as upper bound for the salt_len 2017-02-14 21:54:49 +01:00
Jens Steube
4b85144cc2 Merge pull request #1097 from philsmd/master
max esalt_buf for sip fixed: we also need to append 0x80
2017-02-14 21:48:12 +01:00
philsmd
f351461ecd
max esalt_buf for sip fixed: we also need to append 0x80 2017-02-14 21:45:18 +01:00
jsteube
be3ce44f75 Fix CID 1402444 (#1 of 1): Out-of-bounds read 2017-02-14 21:40:11 +01:00
Jens Steube
4012dc5bdb Merge pull request #1096 from philsmd/master
minor: use 2 distinct return value to avoid dead code detections
2017-02-14 21:28:46 +01:00
philsmd
056d1f3da4 minor: use 2 distinct return value to avoid dead code detections 2017-02-14 21:24:45 +01:00
jsteube
f61788eac1 Merge branch 'master' of https://github.com/hashcat/hashcat 2017-02-14 21:22:04 +01:00
jsteube
0642639b81 CID 1402417 (#1 of 1): Division or modulo by float zero 2017-02-14 21:21:24 +01:00
Jens Steube
7b9e06c438 Merge pull request #1095 from philsmd/master
dead code: hash_len is always > 0 at this location
2017-02-14 21:12:59 +01:00
philsmd
1f88ae42ef
dead code: hash_len is always > 0 at this location 2017-02-14 21:09:04 +01:00
jsteube
ed772a02a4 Check for at least one active OpenCL device before running weak-hash-check 2017-02-14 21:05:44 +01:00
Jens Steube
8fe0765084 Merge pull request #1094 from philsmd/master
dead code: here we do not need to check for NULL
2017-02-14 21:03:30 +01:00
philsmd
9ed93fcce9
dead code: here we do not need to check for NULL 2017-02-14 21:01:52 +01:00
jsteube
6bcfca26b3 Fix CID 1402873: Dereference before null check 2017-02-14 20:53:42 +01:00
Jens Steube
1afc47829f Merge pull request #1093 from philsmd/master
always check the input for NULL before the strtok_r () calls
2017-02-14 20:47:55 +01:00
philsmd
f535eb2bd0
always check the input for NULL before the strtok_r () calls 2017-02-14 20:46:03 +01:00
Jens Steube
f9bbd42b4a Merge pull request #1092 from philsmd/master
fix our usage of strtok_r (), it was not 100% correct
2017-02-14 20:12:18 +01:00
philsmd
12047861c5
also double-check input/output of strtok_r () 2017-02-14 20:07:49 +01:00
jsteube
4b3d39623c Restore: Add some checks on the rd->cwd variable in restore case 2017-02-14 20:05:44 +01:00
jsteube
b2dbd22979 Moved datatype from double to u32 in autotune.c as this makes no difference 2017-02-14 19:51:49 +01:00
philsmd
a82f6fb77c
our usage of strtok_r () was not totally correct (but almost) 2017-02-14 19:48:07 +01:00
Jens Steube
afa3326330 Merge pull request #1091 from philsmd/master
minor: within parse_and_store_salt () do the initialization of the buffer @ start
2017-02-14 19:33:27 +01:00
philsmd
e5ecbb9a59
minor: within parse_and_store_salt () do the initialization of the buffer at the very start 2017-02-14 19:30:36 +01:00