Fixes for prepare/valid encoding checks/conversions. See #2252.

openwall · Sep 4, 2016 · cd4cf0d · cd4cf0d
1 parent a33e4d3
commit cd4cf0d
Show file tree

Hide file tree

Showing 3 changed files with 34 additions and 19 deletions.
diff --git a/src/mscash_common_plug.c b/src/mscash_common_plug.c
@@ -91,7 +91,11 @@ int mscash1_common_valid(char *ciphertext, struct fmt_main *self)
 
 	// This is tricky: Max supported salt length is 19 characters of Unicode
 	saltlen = enc_to_utf16(realsalt, MSCASH1_MAX_SALT_LENGTH+1, (UTF8*)strnzcpy(insalt, &ciphertext[FORMAT_TAG_LEN], l - FORMAT_TAG_LEN), l - 3);
-	if (saltlen < 0 || saltlen > MSCASH1_MAX_SALT_LENGTH) {
+	if (saltlen < 0) {
+		fprintf(stderr, "%s: Input file is not UTF-8. Please use --input-enc to specify a codepage.\n", self->params.label);
+		error();
+	}
+	if (saltlen > MSCASH1_MAX_SALT_LENGTH) {
 		static int warned = 0;
 
 		if (!ldr_in_pot)
@@ -289,7 +293,11 @@ int mscash2_common_valid(char *ciphertext, int max_salt_length, struct fmt_main
 	while (ciphertext[i] && ciphertext[i] != '#') ++i;
 	++i;
 	saltlen = enc_to_utf16(realsalt, max_salt_length, (UTF8*)strnzcpy(insalt, &ciphertext[i], l-i), l-(i+1));
-	if (saltlen < 0 || saltlen > max_salt_length) {
+	if (saltlen < 0) {
+		fprintf(stderr, "%s: Input file is not UTF-8. Please use --input-enc to specify a codepage.\n", self->params.label);
+		error();
+	}
+	if (saltlen > max_salt_length) {
 		static int warned = 0;
 
 		if (!ldr_in_pot)
@@ -360,4 +368,3 @@ char *mscash2_common_prepare(char *split_fields[10], struct fmt_main *self)
 	MEM_FREE(cp);
 	return split_fields[1];
 }
-
diff --git a/src/o3logon_fmt_plug.c b/src/o3logon_fmt_plug.c
@@ -137,7 +137,11 @@ static int valid(char *ciphertext, struct fmt_main *self)
 	memcpy(tmp, ciphertext, cp-ciphertext);
 	tmp[cp-ciphertext] = 0;
 	len = enc_to_utf16((UTF16 *)cur_key_mixedcase, MAX_USERNAME_LEN+1, (unsigned char*)tmp, strlen(tmp));
-	if (len < 0 || len > MAX_USERNAME_LEN)
+	if (len < 0) {
+		fprintf(stderr, "%s: Input file is not UTF-8. Please use --input-enc to specify a codepage.\n", self->params.label);
+		error();
+	}
+	if (len > MAX_USERNAME_LEN)
 		return 0;
 
 	ciphertext = cp+1;

diff --git a/src/oracle_fmt_plug.c b/src/oracle_fmt_plug.c
@@ -108,15 +108,30 @@ static int valid(char *ciphertext, struct fmt_main *self)
 	 * 2 - it comes from memory, and has got O$ + salt + # + blah
 	 */
 
-	if (strlen(ciphertext) > CIPHERTEXT_LENGTH + MAX_USERNAME_LEN + 3)
+	if (strlen(ciphertext) > CIPHERTEXT_LENGTH + 3 +
+	    MAX_USERNAME_LEN * (options.input_enc == UTF_8 ? 3 : 1))
 		return 0;
 
 	if (!memcmp(ciphertext, FORMAT_TAG, FORMAT_TAG_LEN))
 	{
+		int len;
+		char name[MAX_USERNAME_LEN + 1];
+		UTF16 name16[MAX_USERNAME_LEN + 1 + 1];
+
+		ciphertext += FORMAT_TAG_LEN;
 		l = strlen(ciphertext) - CIPHERTEXT_LENGTH;
 		if (l <= 0)
 			return 0;
-		if(ciphertext[l-1]!='#')
+		if (ciphertext[l-1] != '#')
+			return 0;
+		strnzcpy(name, ciphertext, sizeof(name));
+		len = enc_to_utf16(name16, MAX_USERNAME_LEN + 1,
+		                   (UTF8*)name, strlen(name));
+		if (len < 0) {
+			fprintf(stderr, "%s: Input file is not UTF-8. Please use --input-enc to specify a codepage.\n", self->params.label);
+			error();
+		}
+		if (len > MAX_USERNAME_LEN)
 			return 0;
 	}
 	else
@@ -147,9 +162,8 @@ static char *prepare(char *split_fields[10], struct fmt_main *self)
 	sprintf (cp, "%s%s#%s", FORMAT_TAG, split_fields[0], split_fields[1]);
 	if (valid(cp, self))
 	{
-		UTF8 tmp8[30*3+1];
-		UTF16 tmp16[31];
-		int utf8len, utf16len;
+		UTF8 tmp8[MAX_USERNAME_LEN * 3 + 1];
+		int utf8len;
 
 		// we no longer need this.  It was just used for valid().   We will recompute
 		// all lengths, after we do an upcase, since upcase can change the length of the
@@ -159,14 +173,6 @@ static char *prepare(char *split_fields[10], struct fmt_main *self)
 		// Upcase user name, --encoding aware
 		utf8len = enc_uc(tmp8, sizeof(tmp8), (unsigned char*)split_fields[0], strlen(split_fields[0]));
 
-		if (utf8len <= 0 && split_fields[0][0])
-			return split_fields[1];
-
-		// make sure this 'fits' into 30 unicode's
-		utf16len = enc_to_utf16(tmp16, 30, tmp8, utf8len);
-		if (utf16len <= 0)
-			return split_fields[1];
-
 		cp = mem_alloc_tiny(utf8len + strlen(split_fields[1]) + 4, MEM_ALIGN_NONE);
 		sprintf (cp, "%s%s#%s", FORMAT_TAG, tmp8, split_fields[1]);
 #ifdef DEBUG_ORACLE
@@ -317,8 +323,6 @@ static void * get_salt(char * ciphertext)
 	enc_strupper((char*)salt);
 
 	l = enc_to_utf16_be(&out[1], MAX_USERNAME_LEN, (UTF8 *)salt, l);
-	if (l < 0)
-		l = strlen16(&out[1]);
 
 	out[0] = (l<<1);
 	return out;