crashes under ASan from fuzzing: PBKDF2-HMAC-MD5, SSH, hdaa, scrypt, and others #5157
Playing with
Another crasher for
There is such length adjustments for base64 while

```c
cursalt.len = (len + 3) / 4 * 3 - DIGEST_SIZE;
p = &ciphertext[len];
while (*--p == '=')
	cursalt.len--;
memcpy(cursalt.data.c, realcipher+DIGEST_SIZE, cursalt.len);
```

It was found manually. I guess it is possible to write a specific mutator to let fuzzer find that.
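An added example, not part of the thread or the project's code: the length arithmetic quoted in the comment above, next to a checked variant that bounds the `=` count and the resulting salt length before anything is copied. `DIGEST_SIZE` = 20, `MAX_SALT_LEN` and both function names are assumptions made for the example.

```c
#include <stdio.h>
#include <string.h>

#define DIGEST_SIZE  20  /* assumption: SHA-1 sized digest */
#define MAX_SALT_LEN 16  /* hypothetical salt buffer capacity */

/* Arithmetic as quoted above; returns what would be passed to memcpy().
 * The scan is bounded by the start of the string here, so the function
 * itself is safe to call. */
long quoted_salt_len(const char *b64, size_t len)
{
    long n = (long)((len + 3) / 4 * 3) - DIGEST_SIZE;
    const char *p = b64 + len;

    while (p > b64 && *--p == '=')
        n--;
    return n;  /* may be negative or larger than MAX_SALT_LEN */
}

/* Checked variant: 0 and *out on success, -1 if the input is rejected. */
int checked_salt_len(const char *b64, size_t len, size_t *out)
{
    size_t pad = 0, d, decoded;

    while (pad < 2 && pad < len && b64[len - 1 - pad] == '=')
        pad++;                        /* at most two '=' are padding */
    d = len - pad;
    if (d % 4 == 1 || memchr(b64, '=', d))
        return -1;                    /* bad length or '=' inside the data */
    decoded = d / 4 * 3 + (d % 4 ? d % 4 - 1 : 0);
    if (decoded < DIGEST_SIZE || decoded - DIGEST_SIZE > MAX_SALT_LEN)
        return -1;                    /* no room for digest, or salt too big */
    *out = decoded - DIGEST_SIZE;
    return 0;
}

int main(void)
{
    /* Constructed inputs: 26 data characters plus "==", then 28 '='. */
    const char *in[] = { "AAAAAAAAAA" "AAAAAAAAAA" "AAAAAA==",
                         "==========" "==========" "========" };
    for (int i = 0; i < 2; i++) {
        size_t n = 0, len = strlen(in[i]);
        printf("quoted=%ld checked=%d\n", quoted_salt_len(in[i], len),
               checked_salt_len(in[i], len, &n));
    }
    return 0;
}
```

A negative length converted to `size_t` for `memcpy()` becomes a very large byte count, which is why the checked variant rejects the input before computing the subtraction.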
The crash happens with a correct hash too. The problem is that I have asan build and allocator initialized memory to non-zero values. Together with it,

I have fixes for all these crashes. I'll prepare PR after more testing.

It was found inserting zeroes into username. Username had underscore, so it became a point for insertion. Without underscore, my mutator would not find the crash. OTOH
ssh:
hdaa:
pbkdf2-hmac-md5:
scrypt: