Bug 56528 - johntheripper: homepath-bug (serious in 1.6)
Bug#: 56528 Product:  Gentoo Linux Version: unspecified Platform: All
OS/Version: Linux Status: RESOLVED Severity: normal Priority: P2
Resolution: FIXED Assigned To: dragonheart@gentoo.org Reported By: aholler@gentoo.de
Component: Applications
URL: 
Summary: johntheripper: homepath-bug (serious in 1.6)
Keywords:  
Status Whiteboard: 
Opened: 2004-07-09 03:11 0000
Description:   Opened: 2004-07-09 03:11 0000 
Calling

/usr/sbin/john -wordfile=/bla/wordlist -rules -stdout=13

results with version 1.6 that /usr/sbin/restore will be overwritten (if root calls john) which imho is a serious bug.


With 1.63 john will try to write to /usr/sbin/john.rec

The reason can be found in path_init (path.c) which is called from main.c and sets the homepath to the directory where the binary is.

I suggest calling path_init with getenv("HOME") as parameter.

Regards,

Alexander

Reproducible: Always
Steps to Reproduce:
1.
2.
3.

------- Comment #1 From Daniel Black 2004-07-10 15:40:39 0000 ------- 
will later - overseas at the moment. I'm putting together a big patch set for
john and will definately look at this one.

------- Comment #2 From Daniel Black 2004-07-22 16:11:31 0000 ------- 
changed in my compiled patchset. Will release when I get some of that mythical
time.

------- Comment #3 From Daniel Black 2004-09-24 06:37:14 0000 ------- 
sorry for neglecting this bug.

http://dev.gentoo.org/~dragonheart/john.tar.bz2 is a tarball is my little workspace with unpatched and patched version of john. Feel free to submit patches.

------- Comment #4 From Daniel Black 2004-12-31 22:51:11 0000 ------- 
Fixed in johntheripper-1.6.37_p1. Thanks for your patience.