Closed frank-dittrich closed 9 years ago
OK, in 00d4fe7 I tried to implement a test in rar_getbits() similar to the one @jfoug did in rarvm_getbits() in aa9589ed, because it really looked like that would be the issue. But it did not help. I committed it anyway because I have a feeling it will be a good thing.
Right before the ASAN crash I had this
rar_getbits: in_addr=3 in_bit=3 read_top=48
So we were not anywhere near the end. Yet it indicates we read past buffer there. I'm not sure how to proceed.
I give up for now
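To make the bounds test discussed above concrete, here is an added example of a bounds-checked 16-bit peek in a bitstream reader. It is illustration written for this page, not John the Ripper's rar_getbits() or rarvm_getbits(); only the field names in_addr, in_bit and read_top are borrowed from the debug line quoted above, and the struct layout, the zero-fill behaviour and the helper functions are assumptions. The point it shows is that an unaligned 16-bit window touches three bytes, so the check has to cover in_addr+2, and that the state in the debug line (in_addr=3, in_bit=3, read_top=48) passes such a check, which is consistent with the comment that the reader was nowhere near the end.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Hypothetical bit reader for illustration only. Field names (in_addr, in_bit,
 * read_top) come from the debug line in the thread; the layout and logic are
 * NOT John the Ripper's rar code. */
struct bitreader {
    const uint8_t *buf;   /* input bytes */
    size_t read_top;      /* number of valid bytes in buf */
    size_t in_addr;       /* byte index of the next read */
    unsigned in_bit;      /* bit offset inside buf[in_addr], 0..7 */
    int overrun;          /* set if a read needs bytes at or past read_top */
};

/* Bytes a 16-bit window at the current position touches:
 * two when byte-aligned, three when in_bit != 0. */
static size_t bytes_needed(const struct bitreader *br)
{
    return br->in_bit ? 3 : 2;
}

/* Peek the next 16 bits, MSB first, without consuming them. Bytes at or past
 * read_top are never dereferenced: they read as zero and the overrun flag is
 * set so the caller can stop instead of trusting the value. */
static unsigned getbits16(struct bitreader *br)
{
    uint32_t v = 0;
    if (br->in_addr + bytes_needed(br) > br->read_top)
        br->overrun = 1;
    for (size_t i = 0; i < 3; i++) {
        size_t pos = br->in_addr + i;
        v = (v << 8) | (pos < br->read_top ? br->buf[pos] : 0u);
    }
    return (v >> (8 - br->in_bit)) & 0xffffu;
}

/* Consume n bits (n <= 16). */
static void addbits(struct bitreader *br, unsigned n)
{
    unsigned total = br->in_bit + n;
    br->in_addr += total >> 3;
    br->in_bit = total & 7;
}

/* Constructed sample input. */
static const uint8_t sample[] = { 0xA5, 0x5A, 0xFF, 0x00 };

/* Peek at an arbitrary position in the sample (helper for tests). */
static unsigned peek_sample(size_t in_addr, unsigned in_bit)
{
    struct bitreader br = { sample, sizeof sample, in_addr, in_bit, 0 };
    return getbits16(&br);
}

/* Overrun flag for a peek at an arbitrary position in the sample. */
static int sample_overrun(size_t in_addr, unsigned in_bit)
{
    struct bitreader br = { sample, sizeof sample, in_addr, in_bit, 0 };
    (void)getbits16(&br);
    return br.overrun;
}

/* Replay the quoted debug state (in_addr=3 in_bit=3 read_top=48) against a
 * constructed 48-byte buffer and return the overrun flag (0: check passes). */
static int replay_debug_state(void)
{
    uint8_t buf[48];
    for (size_t i = 0; i < sizeof buf; i++)
        buf[i] = (uint8_t)i;
    struct bitreader br = { buf, sizeof buf, 3, 3, 0 };
    (void)getbits16(&br);
    return br.overrun;
}

int main(void)
{
    struct bitreader br = { sample, sizeof sample, 0, 0, 0 };
    printf("%04x\n", getbits16(&br));                          /* a55a */
    addbits(&br, 4);
    printf("%04x\n", getbits16(&br));                          /* 55af */
    addbits(&br, 12);
    printf("%04x\n", getbits16(&br));                          /* ff00 */
    addbits(&br, 8);
    printf("%04x overrun=%d\n", getbits16(&br), br.overrun);   /* 0000 overrun=1 */
    printf("debug-state overrun=%d\n", replay_debug_state()); /* 0 */
    return 0;
}
```

The zero-fill plus flag is one policy; a decoder could equally return an error code. Either way the decision has to be made from bytes_needed(), not from in_addr alone, or the last unaligned window before read_top slips through.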
Was read_top not the correct struct member to test? I'm not 100% sure so don't get embedded.
I think https://github.com/magnumripper/JohnTheRipper/commit/079e3ca9be6eaa327e4ea7ece86e8a59804498b0 also fixed this one.
Yes, it does. Thanks.
This is with the latest rar format fixes, JtR commit be26caa3a3cf6fe841605f622df7406781ae1387 and TestSuite commit https://github.com/magnumripper/jtrTestSuite/commit/14e2cc5f4b63a4829c1985434fe421369a7120d2:
Just repeating the rar test:
Reproducing it on the command line: