Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

zip2john "malloc(): corrupted top size" on Arch Linux #5692

Open
antkss opened this issue Mar 9, 2025 · 9 comments
Open

zip2john "malloc(): corrupted top size" on Arch Linux #5692

antkss opened this issue Mar 9, 2025 · 9 comments
Labels
bug
Milestone
Definitely 2.0.0

Comments

@antkss
Copy link

antkss commented Mar 9, 2025
edited
Loading

Image
@solardiz
Copy link
Member

solardiz commented Mar 9, 2025

Thank you for reporting this @antkss! What version of Arch Linux package is that, and what CPU architecture are you running it on? Can you reproduce the issue after building latest code from this repo? Can you share a ZIP file that would let us reproduce the issue (if you have or can create a file that isn't security-sensitive)?

I took a look at https://aur.archlinux.org/packages/john-git and the git revision mentioned in there is quite recent, so if you're using the latest package then probably we still have the bug in here.

Plain text version of your screenshot for easier searching and email:

as@thongapple$ zip2john a.zip
malloc(): corrupted top size
zsh: IOT instruction (core dumped)  zip2john a.zip

(please prefer copy-paste of text over screenshots)

@solardiz solardiz added the bug label Mar 9, 2025
@solardiz solardiz added this to the Definitely 2.0.0 milestone Mar 9, 2025
@solardiz solardiz changed the title buffer overflow zip2john archlinux zip2john "malloc(): corrupted top size" on Arch Linux Mar 9, 2025
@solardiz
Copy link
Member

@antkss Please complete this bug report. At the very least, we need john --list=build-info from you.

@claudioandre-br
Copy link
Member

I took a look at the zip2john file.

IMO, without an example zip file or a "good" analysis done remotely using the core dump, it is impossible to identify or solve the problem.

@solardiz
Copy link
Member

@claudioandre-br I think we need version info first. It is possible that @antkss ran code that's way out of date. We did have such bugs in there in the past, now fixed.

@antkss
Copy link
Author

antkss commented Mar 12, 2025
edited
Loading

@solardiz my john version here:
john-1.9.0.jumbo1-11
as@~🍎 uname -a
Linux archlinuz 6.12.12-2-clear-lts #1 SMP PREEMPT Sat, 08 Feb 2025 04:45:43 +0000 x86_64 GNU/Linux

@antkss
Copy link
Author

antkss commented Mar 12, 2025

vuln.zip

@antkss
Copy link
Author

antkss commented Mar 12, 2025

john-build-info.txt
thank you for your response

@claudioandre-br
Copy link
Member

A recent version of JtR can handle the vuln.zip file without errors.

$ john-the-ripper.zip2john vuln.zip 
vuln.zip/writeup_bai[...]

BTW: Jumbo 1 for zip files is a bad idea.

@solardiz
Copy link
Member

@antkss Thank you! So that's a package of our previous release 1.9.0-jumbo-1 and we did fix relevant bugs since. The current Arch Linux package of john over that link I found above appears to use our recent git tree (mentions a commit from January 2025). So are you running an outdated Arch Linux package? Can you upgrade to their latest package?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug
Projects
None yet
Milestone
Definitely 2.0.0
Development

No branches or pull requests
3 participants
@claudioandre-br @solardiz @antkss