File.: Host
Desc.: Fixed some checks in the parser of -m 8900 = scrypt
+Type.: Bug
+File.: Host
+Desc.: Fixed some checks in the parser of -m 10200 = Cram MD5
+
* changes v2.00 -> v2.01:
Type.: Bug
char *hash_pos = strchr (salt_pos, '$');
- uint salt_len = hash_pos - salt_pos;
-
if (hash_pos == NULL) return (PARSER_SEPARATOR_UNMATCHED);
+ uint salt_len = hash_pos - salt_pos;
+
hash_pos++;
uint hash_len = input_len - 10 - salt_len - 1;
// base64 decode salt
+ if (salt_len > 133) return (PARSER_SALT_LENGTH);
+
u8 tmp_buf[100] = { 0 };
salt_len = base64_decode (base64_to_int, (const u8 *) salt_pos, salt_len, tmp_buf);
salt->salt_len = salt_len;
- // base64 decode salt
+ // base64 decode hash
+
+ if (hash_len > 133) return (PARSER_HASH_LENGTH);
memset (tmp_buf, 0, sizeof (tmp_buf));
hash_len = base64_decode (base64_to_int, (const u8 *) hash_pos, hash_len, tmp_buf);
+ if (hash_len < 32 + 1) return (PARSER_SALT_LENGTH);
+
uint user_len = hash_len - 32;
const u8 *tmp_hash = tmp_buf + user_len;