zip2john problem -- corrupted size vs. prev_size

[ghost]

You can donwload the zipfile from here: http://maltchev.com/kiti/vagk.zip (2M)

user@debian:~/JohnTheRipper/run$ ./zip2john vagk.zip
ERROR: ld.so: object '/usr/lib/libtcmalloc_minimal.so.4' from LD_PRELOAD cannot be preloaded (cannot open shared object file): ignored.
ver 1.0 vagk.zip/drivers_Win7/ PKZIP Encr: cmplen=12, decmplen=0, crc=0
ver 1.0 vagk.zip/drivers_Win7/amd64/ PKZIP Encr: cmplen=12, decmplen=0, crc=0
ver 2.0 vagk.zip/drivers_Win7/amd64/ftbusui.dll PKZIP Encr: cmplen=68768, decmplen=143688, crc=2DEE0B26
ver 2.0 vagk.zip/drivers_Win7/amd64/ftcserco.dll PKZIP Encr: cmplen=27008, decmplen=51528, crc=7D22F725
ver 2.0 vagk.zip/drivers_Win7/amd64/ftd2xx.lib PKZIP Encr: cmplen=3881, decmplen=17428, crc=BAFF59F3
ver 2.0 vagk.zip/drivers_Win7/amd64/ftd2xx64.dll PKZIP Encr: cmplen=160833, decmplen=330056, crc=164BA541
ver 2.0 vagk.zip/drivers_Win7/amd64/ftdibus.sys PKZIP Encr: cmplen=37923, decmplen=69320, crc=FFC7DA84
ver 2.0 vagk.zip/drivers_Win7/amd64/ftlang.dll PKZIP Encr: cmplen=125218, decmplen=284992, crc=CF03D16
ver 2.0 vagk.zip/drivers_Win7/amd64/ftser2k.sys PKZIP Encr: cmplen=44133, decmplen=84808, crc=A97BA23
ver 2.0 vagk.zip/drivers_Win7/amd64/ftserui2.dll PKZIP Encr: cmplen=27894, decmplen=55112, crc=51810B3B
ver 2.0 vagk.zip/drivers_Win7/CDM 2 06 00 Release Info.rtf PKZIP Encr: cmplen=13246, decmplen=103682, crc=10519AF1
ver 2.0 vagk.zip/drivers_Win7/ftd2xx.h PKZIP Encr: cmplen=6239, decmplen=23384, crc=E0272279
ver 2.0 vagk.zip/drivers_Win7/ftdibus.cat PKZIP Encr: cmplen=5490, decmplen=11819, crc=FA9E42AD
ver 2.0 vagk.zip/drivers_Win7/ftdibus.inf PKZIP Encr: cmplen=1450, decmplen=4412, crc=7C4AFE0C
ver 2.0 vagk.zip/drivers_Win7/ftdiport.cat PKZIP Encr: cmplen=5349, decmplen=10915, crc=3A0EDBF7
ver 2.0 vagk.zip/drivers_Win7/ftdiport.inf PKZIP Encr: cmplen=1713, decmplen=5364, crc=D9B2D6B4
ver 1.0 vagk.zip/drivers_Win7/i386/ PKZIP Encr: cmplen=12, decmplen=0, crc=0
ver 2.0 vagk.zip/drivers_Win7/i386/ftbusui.dll PKZIP Encr: cmplen=57721, decmplen=120136, crc=95988041
ver 2.0 vagk.zip/drivers_Win7/i386/ftcserco.dll PKZIP Encr: cmplen=30231, decmplen=54088, crc=C55B2960
ver 2.0 vagk.zip/drivers_Win7/i386/ftd2xx.dll PKZIP Encr: cmplen=110013, decmplen=206144, crc=E86BD486
ver 2.0 vagk.zip/drivers_Win7/i386/ftd2xx.lib PKZIP Encr: cmplen=4048, decmplen=19056, crc=AD25F7B
ver 2.0 vagk.zip/drivers_Win7/i386/ftdibus.sys PKZIP Encr: cmplen=32753, decmplen=57800, crc=8A5DC73F
ver 2.0 vagk.zip/drivers_Win7/i386/ftlang.dll PKZIP Encr: cmplen=88652, decmplen=197952, crc=A648F494
ver 2.0 vagk.zip/drivers_Win7/i386/ftser2k.sys PKZIP Encr: cmplen=38653, decmplen=72520, crc=F2A94C59
ver 2.0 vagk.zip/drivers_Win7/i386/ftserui2.dll PKZIP Encr: cmplen=26464, decmplen=52552, crc=1A21C06F
ver 2.0 vagk.zip/drivers_Win7/LogoVerificationReport.pdf PKZIP Encr: cmplen=34382, decmplen=42808, crc=BAB96046
ver 2.0 vagk.zip/VAG_readme.rtf PKZIP Encr: cmplen=3475, decmplen=8709, crc=DD915979
ver 2.0 vagk.zip/Vagtacho_user_guide.txt PKZIP Encr: cmplen=3406, decmplen=8295, crc=14612A53
ver 2.0 vagk.zip/OpelDT.exe PKZIP Encr: cmplen=316425, decmplen=354816, crc=5CB566F5
ver 2.0 vagk.zip/vagtacho.exe PKZIP Encr: cmplen=716108, decmplen=845824, crc=C7E0D8FF
corrupted size vs. prev_size
Interrupted

System configuration

Attach details about your OS and about JtR, including:

• $ ./john --list=build-info.

  
  user@debian:~/JohnTheRipper/run$ ./john --list=build-info
  ERROR: ld.so: object '/usr/lib/libtcmalloc_minimal.so.4' from LD_PRELOAD cannot be preloaded (cannot open shared object file): ignored.
  Version: 1.8.0.13-jumbo-1-bleeding-649bb4a33 2019-03-09 09:06:23 +0100
  Build: linux-gnu 64-bit x86_64 AVX2 AC OMP
  SIMD: AVX2, interleaving: MD4:3 MD5:3 SHA1:1 SHA256:1 SHA512:1
  CPU tests: AVX2
  $JOHN is ./
  Format interface version: 14
  Max. number of reported tunable costs: 4
  Rec file version: REC4
  Charset file version: CHR3
  CHARSET_MIN: 1 (0x01)
  CHARSET_MAX: 255 (0xff)
  CHARSET_LENGTH: 24
  SALT_HASH_SIZE: 1048576
  SINGLE_IDX_MAX: 32768
  SINGLE_BUF_MAX: 4294967295
  Effective limit: Max. KPC 32768
  Max. Markov mode level: 400
  Max. Markov mode password length: 30
  gcc version: 8.2.0
  GNU libc version: 2.28 (loaded: 2.28)
  Crypto library: OpenSSL
  OpenSSL library version: 01010101f
  OpenSSL 1.1.1a  20 Nov 2018
  GMP library version: 6.1.2
  File locking: fcntl()
  fseek(): fseek
  ftell(): ftell
  fopen(): fopen
  memmem(): System's

- `$ ./john --list=opencl-devices` (if applicable).

ERROR: ld.so: object '/usr/lib/libtcmalloc_minimal.so.4' from LD_PRELOAD cannot be preloaded (cannot open shared object file): ignored. Section [opencl-devices] not found. help[:WHAT], subformats, inc-modes, rules, externals, ext-modes, ext-hybrids, ext-filters, ext-filters-only, build-info, hidden-options, encodings, formats, format-details, format-all-details, format-methods[:WHICH], format-tests, sections, parameters:SECTION, list-data:SECTION,

```

[claudioandre-br]

I can reproduce it locally but not on super. An external issue? A bug in Debian and derivatives?

$ john-the-ripper.zip2john vagk.zip 
ver 1.0 vagk.zip/drivers_Win7/ PKZIP Encr: cmplen=12, decmplen=0, crc=0
ver 1.0 vagk.zip/drivers_Win7/amd64/ PKZIP Encr: cmplen=12, decmplen=0, crc=0
ver 2.0 vagk.zip/drivers_Win7/amd64/ftbusui.dll PKZIP Encr: cmplen=68768, decmplen=143688, crc=2DEE0B26
ver 2.0 vagk.zip/drivers_Win7/amd64/ftcserco.dll PKZIP Encr: cmplen=27008, decmplen=51528, crc=7D22F725
ver 2.0 vagk.zip/drivers_Win7/amd64/ftd2xx.lib PKZIP Encr: cmplen=3881, decmplen=17428, crc=BAFF59F3
ver 2.0 vagk.zip/drivers_Win7/amd64/ftd2xx64.dll PKZIP Encr: cmplen=160833, decmplen=330056, crc=164BA541
ver 2.0 vagk.zip/drivers_Win7/amd64/ftdibus.sys PKZIP Encr: cmplen=37923, decmplen=69320, crc=FFC7DA84
ver 2.0 vagk.zip/drivers_Win7/amd64/ftlang.dll PKZIP Encr: cmplen=125218, decmplen=284992, crc=CF03D16
ver 2.0 vagk.zip/drivers_Win7/amd64/ftser2k.sys PKZIP Encr: cmplen=44133, decmplen=84808, crc=A97BA23
ver 2.0 vagk.zip/drivers_Win7/amd64/ftserui2.dll PKZIP Encr: cmplen=27894, decmplen=55112, crc=51810B3B
ver 2.0 vagk.zip/drivers_Win7/CDM 2 06 00 Release Info.rtf PKZIP Encr: cmplen=13246, decmplen=103682, crc=10519AF1
ver 2.0 vagk.zip/drivers_Win7/ftd2xx.h PKZIP Encr: cmplen=6239, decmplen=23384, crc=E0272279
ver 2.0 vagk.zip/drivers_Win7/ftdibus.cat PKZIP Encr: cmplen=5490, decmplen=11819, crc=FA9E42AD
ver 2.0 vagk.zip/drivers_Win7/ftdibus.inf PKZIP Encr: cmplen=1450, decmplen=4412, crc=7C4AFE0C
ver 2.0 vagk.zip/drivers_Win7/ftdiport.cat PKZIP Encr: cmplen=5349, decmplen=10915, crc=3A0EDBF7
ver 2.0 vagk.zip/drivers_Win7/ftdiport.inf PKZIP Encr: cmplen=1713, decmplen=5364, crc=D9B2D6B4
ver 1.0 vagk.zip/drivers_Win7/i386/ PKZIP Encr: cmplen=12, decmplen=0, crc=0
ver 2.0 vagk.zip/drivers_Win7/i386/ftbusui.dll PKZIP Encr: cmplen=57721, decmplen=120136, crc=95988041
ver 2.0 vagk.zip/drivers_Win7/i386/ftcserco.dll PKZIP Encr: cmplen=30231, decmplen=54088, crc=C55B2960
ver 2.0 vagk.zip/drivers_Win7/i386/ftd2xx.dll PKZIP Encr: cmplen=110013, decmplen=206144, crc=E86BD486
ver 2.0 vagk.zip/drivers_Win7/i386/ftd2xx.lib PKZIP Encr: cmplen=4048, decmplen=19056, crc=AD25F7B
ver 2.0 vagk.zip/drivers_Win7/i386/ftdibus.sys PKZIP Encr: cmplen=32753, decmplen=57800, crc=8A5DC73F
ver 2.0 vagk.zip/drivers_Win7/i386/ftlang.dll PKZIP Encr: cmplen=88652, decmplen=197952, crc=A648F494
ver 2.0 vagk.zip/drivers_Win7/i386/ftser2k.sys PKZIP Encr: cmplen=38653, decmplen=72520, crc=F2A94C59
ver 2.0 vagk.zip/drivers_Win7/i386/ftserui2.dll PKZIP Encr: cmplen=26464, decmplen=52552, crc=1A21C06F
ver 2.0 vagk.zip/drivers_Win7/LogoVerificationReport.pdf PKZIP Encr: cmplen=34382, decmplen=42808, crc=BAB96046
ver 2.0 vagk.zip/VAG_readme.rtf PKZIP Encr: cmplen=3475, decmplen=8709, crc=DD915979
ver 2.0 vagk.zip/Vagtacho_user_guide.txt PKZIP Encr: cmplen=3406, decmplen=8295, crc=14612A53
ver 2.0 vagk.zip/ImmoTool.exe PKZIP Encr: cmplen=333104, decmplen=373248, crc=E3050F80
ver 2.0 vagk.zip/vagtacho.exe PKZIP Encr: cmplen=717361, decmplen=853504, crc=C363D73D
*** Error in `/snap/john-the-ripper/265/run/zip2john': corrupted size vs. prev_size: 0x000000000262b3f0 ***
======= Backtrace: =========
/lib/x86_64-linux-gnu/libc.so.6(+0x777e5)[0x7fcc639c87e5]
/lib/x86_64-linux-gnu/libc.so.6(+0x83781)[0x7fcc639d4781]
/lib/x86_64-linux-gnu/libc.so.6(realloc+0x179)[0x7fcc639d5839]
/snap/john-the-ripper/265/run/zip2john[0x6d6066]
/snap/john-the-ripper/265/run/zip2john[0x532259]
/snap/john-the-ripper/265/run/zip2john[0x5339be]
/snap/john-the-ripper/265/run/zip2john[0x6c2ee9]
/lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xf0)[0x7fcc63971830]
/snap/john-the-ripper/265/run/zip2john[0x405f69]
======= Memory map: ========
00400000-0093c000 r-xp 00000000 07:18 282                                /snap/john-the-ripper/265/run/john-sse2
00b3b000-00b3c000 r--p 0053b000 07:18 282                                /snap/john-the-ripper/265/run/john-sse2
00b3c000-00bca000 rw-p 0053c000 07:18 282                                /snap/john-the-ripper/265/run/john-sse2
00bca000-01f47000 rw-p 00000000 00:00 0 
025ee000-026e6000 rw-p 00000000 00:00 0                                  [heap]

[claudio@super src]$ ../run/zip2john vagk.zip
ver 1.0 vagk.zip/drivers_Win7/ PKZIP Encr: cmplen=12, decmplen=0, crc=0
ver 1.0 vagk.zip/drivers_Win7/amd64/ PKZIP Encr: cmplen=12, decmplen=0, crc=0
ver 2.0 vagk.zip/drivers_Win7/amd64/ftbusui.dll PKZIP Encr: cmplen=68768, decmplen=143688, crc=2DEE0B26
ver 2.0 vagk.zip/drivers_Win7/amd64/ftcserco.dll PKZIP Encr: cmplen=27008, decmplen=51528, crc=7D22F725
ver 2.0 vagk.zip/drivers_Win7/amd64/ftd2xx.lib PKZIP Encr: cmplen=3881, decmplen=17428, crc=BAFF59F3
ver 2.0 vagk.zip/drivers_Win7/amd64/ftd2xx64.dll PKZIP Encr: cmplen=160833, decmplen=330056, crc=164BA541
ver 2.0 vagk.zip/drivers_Win7/amd64/ftdibus.sys PKZIP Encr: cmplen=37923, decmplen=69320, crc=FFC7DA84
ver 2.0 vagk.zip/drivers_Win7/amd64/ftlang.dll PKZIP Encr: cmplen=125218, decmplen=284992, crc=CF03D16
ver 2.0 vagk.zip/drivers_Win7/amd64/ftser2k.sys PKZIP Encr: cmplen=44133, decmplen=84808, crc=A97BA23
ver 2.0 vagk.zip/drivers_Win7/amd64/ftserui2.dll PKZIP Encr: cmplen=27894, decmplen=55112, crc=51810B3B
ver 2.0 vagk.zip/drivers_Win7/CDM 2 06 00 Release Info.rtf PKZIP Encr: cmplen=13246, decmplen=103682, crc=10519AF1
ver 2.0 vagk.zip/drivers_Win7/ftd2xx.h PKZIP Encr: cmplen=6239, decmplen=23384, crc=E0272279
ver 2.0 vagk.zip/drivers_Win7/ftdibus.cat PKZIP Encr: cmplen=5490, decmplen=11819, crc=FA9E42AD
ver 2.0 vagk.zip/drivers_Win7/ftdibus.inf PKZIP Encr: cmplen=1450, decmplen=4412, crc=7C4AFE0C
ver 2.0 vagk.zip/drivers_Win7/ftdiport.cat PKZIP Encr: cmplen=5349, decmplen=10915, crc=3A0EDBF7
ver 2.0 vagk.zip/drivers_Win7/ftdiport.inf PKZIP Encr: cmplen=1713, decmplen=5364, crc=D9B2D6B4
ver 1.0 vagk.zip/drivers_Win7/i386/ PKZIP Encr: cmplen=12, decmplen=0, crc=0
ver 2.0 vagk.zip/drivers_Win7/i386/ftbusui.dll PKZIP Encr: cmplen=57721, decmplen=120136, crc=95988041
ver 2.0 vagk.zip/drivers_Win7/i386/ftcserco.dll PKZIP Encr: cmplen=30231, decmplen=54088, crc=C55B2960
ver 2.0 vagk.zip/drivers_Win7/i386/ftd2xx.dll PKZIP Encr: cmplen=110013, decmplen=206144, crc=E86BD486
ver 2.0 vagk.zip/drivers_Win7/i386/ftd2xx.lib PKZIP Encr: cmplen=4048, decmplen=19056, crc=AD25F7B
ver 2.0 vagk.zip/drivers_Win7/i386/ftdibus.sys PKZIP Encr: cmplen=32753, decmplen=57800, crc=8A5DC73F
ver 2.0 vagk.zip/drivers_Win7/i386/ftlang.dll PKZIP Encr: cmplen=88652, decmplen=197952, crc=A648F494
ver 2.0 vagk.zip/drivers_Win7/i386/ftser2k.sys PKZIP Encr: cmplen=38653, decmplen=72520, crc=F2A94C59
ver 2.0 vagk.zip/drivers_Win7/i386/ftserui2.dll PKZIP Encr: cmplen=26464, decmplen=52552, crc=1A21C06F
ver 2.0 vagk.zip/drivers_Win7/LogoVerificationReport.pdf PKZIP Encr: cmplen=34382, decmplen=42808, crc=BAB96046
ver 2.0 vagk.zip/VAG_readme.rtf PKZIP Encr: cmplen=3475, decmplen=8709, crc=DD915979
ver 2.0 vagk.zip/Vagtacho_user_guide.txt PKZIP Encr: cmplen=3406, decmplen=8295, crc=14612A53
ver 2.0 vagk.zip/ImmoTool.exe PKZIP Encr: cmplen=333104, decmplen=373248, crc=E3050F80
ver 2.0 vagk.zip/vagtacho.exe PKZIP Encr: cmplen=717361, decmplen=853504, crc=C363D73D
vagk.zip:$pkzip2$3*1*1*0*8*24*7d22*0160*9b5aed61f870588c69d91c4044efd573120f68340a9f8f23e00a10b3fd8362be1fbc9a8d*1*0*8*24*2dee*0220*d5e9514e0700554bccf5a79c8574bc0406e486b99c2cd984628173216d2df4c4b52c6db8*2*0*5aa*113c*7c4afe0c*7f58e*36*8*5aa*7c4a*9e40*8d99682dfd3f3e2c568430c07c2a1b4ff491db75bf449938c2ecf4fef1c3f7658f445ee6a097adf2a78f997bb938dd65c5380a8abccbacd0c0f51007b6d923f3f893a71da74ed213cf8dcffc0c4f452a546d21c797290af98bb6054501aa7b49a147bb3f40406e6d7b24540c742aa150a91d1bcb78679ef9e07a82b08acf49a90d0649c8d85e39e19fe8f10f3d1a9a356e21125028da590d7e6c7b2737764fb993cc38e65a4cecd797c10e142ce22994bd5afef58c236936dca2ad043769143ec5c285a7a41fac2dd702590263675c466e5128684a6b9769aabd70cae35a31c0e1db48a4b68373ce4a377baa12b18206befbf12ffce9a3277ff16521d1d95c11fe3759a8bf84d304197011e223ca764acf7b091662676843a1699b0f9e7b903defa4577459b5303711d4bea7d8d7386bdbb61c8ebe03d4a9b4aa62d55d3ce76436aee0b22020d1b3f5f222a820d2969f7a8745373441f34d425ce3c8c748f82493da789443f0dec6e24e01f50c709f4c8cb25060b7ce6ab42f85abe49c32943b151bcbedee554b768c83894bbe4b1aa7f78fe142997cecdfb187a3b2794e6ff471cc67d3b74cf1a484b44e1b7316b10098336c53a4a33090388094b8a3b80b9b0bdaedb7806716750adbc4bbc3eb41a96336f55a9a4c1817304528105e60b5bb44f087b801bcceec187edaf270dc679d41478e2032028612c3da1b7e6d5b756e0cf4401efb4b9abae9716002d3b76bbebffa4177852119e3ab9468f4b700b2cbf5030cc80bab5420c8bd9dfc3e54b4e6aa491daafd8d6d76c5dbcbba58b96b525065651d49d355503023f355810348d77ede4a7fa70ea8a0663e641ac9265d27912e1474de3410d29c07fc86587bd0afe8a6549116a83974f759159847cc2ad3d5c85ba14ee5f99e81976a3b6ec2e28d9c6d8109358cfef32d743861284f8237921a849a8ae97bd2b6a825b2233dad2706539120d268a22e48a20fc7217470c79be746b7071e9b4063506ce943f2c512b22bd89921c36a5c7c81390eca2aae62bbbf4cfbb7cf07c8174dce5433638a0c5a0431985a247bd95c4e5edfb34645f5a62ae8cbca5fadf605d44c89cf76be472644fb38df90828e96bfe7cb054be08f8758e9d5f02a50f5f961983fceb3aeb1f7554bb45c629fb797f74294e3bcf0da9cc37aea19df224b7343c6c6ab27df19c98058c38a21afa43ae5e2ccd803dc78a00e8c50daecda39c4b7e6d9958a36bbac7e4a5fb6564c47df431140848aa647b930eef02cf181dcafc913f93ed82c572cc285e7adc040fda1ac35d27002559a34060e2ff479ae7ae2475bb2165e2c2df0da82c97b793631344aaa06d838b8b5839ed2c8bdf256a4d0c11ee2e02d57fb7d93156b14d886baefb26153acef42fefed1aa0c6e041da00a89038a8b1410df6622ceacf2f94d2a366e72de446675a9a3df4d3cf8630f7bd1bde4f49ecb46a021e9379a7653f3f428feabeb0e69b6c9d1a9e61dd5cde07b30ca0ecf400e1d492f3e782f1f426623feab8673eaa168f2f485b709ad0e1cb318a5da61e04f2d22f20a2dc419662b76a2adedb74b2c1f9a2f2873e74defef69b18ddb94f0abd5b413a01c6ada6c7e67fd972365374fd4b4dab96bc653b385399769065715397a8a83dd3c16160beae51f432c0112f320a75c90b446d8b096833858d5e632bf20fb160331228bca067193555e62cab760742366d5a47cef7a8a92282869555518623f8a5d50dda01a82d6da5fd462dfddc1c3a5e42f2962a08f6618162e78429c9ace83e04ba24fd8867622bef41a7a3a7d593799bfc3ee733b3bccbf4c433e3b1e7ca3109c62569229641fdd7603acfb115da93b6e46c4ea42fac205d73df078d75b173e7dd8d8528e1de8100abe9d6af263b2d06af35afb1b7aff9f7aca15b4a1e0e0b85ee6d2e01c72bb9c0feb07032bc332f82cd185ae909199c347c40ea30e02ecb3f454d27b31b46cb0bf8fe8f3f2cbe3f1860b1469b37e17d7436b15a87322bb29068e044aaa2ad11fc283544a166cc6b9ed248e8fca38ee*$/pkzip2$::vagk.zip:drivers_Win7/ftdibus.inf, drivers_Win7/amd64/ftcserco.dl, drivers_Win7/amd64/ftbusui.dll:vagk.zip
NOTE: It is assumed that all files in each archive have the same password.
If that is not the case, the hash may be uncrackable. To avoid this, use
option -o to pick a file at a time.

[solardiz]

@claudioandre-br I suggest you try to reproduce this in a build with -fsanitize=address. Thanks!

[claudioandre-br]

Openwall servers have no ASAN. Ops, it seems 'well' has it currently.

[claudioandre-br]

=================================================================
==2224== ERROR: AddressSanitizer: unknown-crash on address 0x600c0000bfda at pc 0x7fce550c80f3 bp 0x7fff4b421e00 sp 0x7fff4b4215a8
WRITE of size 32 at 0x600c0000bfda thread T0
    #0 0x7fce550c80f2 (/lib64/libasan.so.0+0xf0f2)
    #1 0x5e3afc in process_old_zip /home/claudio/bleeding/src/zip2john.c:842
    #2 0x5e4e30 in process_file /home/claudio/bleeding/src/zip2john.c:409
    #3 0x5e56ab in zip2john /home/claudio/bleeding/src/zip2john.c:939
    #4 0x89392b in main /home/claudio/bleeding/src/john.c:2087
    #5 0x7fce53434b34 in __libc_start_main (/lib64/libc.so.6+0x21b34)
    #6 0x405e72 in _start (/home/claudio/bleeding/run/john+0x405e72)
0x600c0000bff3 is located 0 bytes to the right of 51-byte region [0x600c0000bfc0,0x600c0000bff3)
allocated by thread T0 here:
    #0 0x7fce550cf2be (/lib64/libasan.so.0+0x162be)
    #1 0x8ba82a in mem_realloc /home/claudio/bleeding/src/memory.c:106
    #2 0x5e39a5 in process_old_zip /home/claudio/bleeding/src/zip2john.c:838
    #3 0x5e4e30 in process_file /home/claudio/bleeding/src/zip2john.c:409
    #4 0x5e56ab in zip2john /home/claudio/bleeding/src/zip2john.c:939
    #5 0x89392b in main /home/claudio/bleeding/src/john.c:2087
    #6 0x7fce53434b34 in __libc_start_main (/lib64/libc.so.6+0x21b34)
SUMMARY: AddressSanitizer: unknown-crash ??:0 ??
Shadow bytes around the buggy address:
  0x0c01ffff97a0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c01ffff97b0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c01ffff97c0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c01ffff97d0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c01ffff97e0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
=>0x0c01ffff97f0: fa fa fa fa fa fa fa fa 00 00 00[00]00 00 03 fa
  0x0c01ffff9800: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c01ffff9810: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c01ffff9820: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c01ffff9830: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c01ffff9840: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           00
  Partially addressable: 01 02 03 04 05 06 07 
  Heap left redzone:     fa
  Heap righ redzone:     fb
  Freed Heap region:     fd
  Stack left redzone:    f1
  Stack mid redzone:     f2
  Stack right redzone:   f3
  Stack partial redzone: f4
  Stack after return:    f5
  Stack use after scope: f8
  Global redzone:        f9
  Global init order:     f6
  Poisoned by user:      f7
  ASan internal:         fe
==2224== ABORTING

[solardiz]

I'd expect ASAN to also work on super after you enable one of the devtoolset's (see /etc/motd), no?

[claudioandre-br]

Anyway, I expect magnum to look at it. What I see is this: ([edited] it makes the magic happen)

$ git diff
diff --git a/src/zip2john.c b/src/zip2john.c
index c7e58ed4d..b1861630e 100644
--- a/src/zip2john.c
+++ b/src/zip2john.c
@@ -837,7 +837,7 @@ print_and_cleanup:;
                        if (i) {
                                filenames = mem_realloc(filenames,
                                                        strlen(filenames) +
-                                                       strlen(hashes[0].file_name) + 3);
+                                                       strlen(hashes[i].file_name) + 3);
                                strcat(filenames, ", ");
                                strcat(filenames, hashes[i].file_name);
                        }

[etb202]

password please