X-Git-Url: https://code.wpia.club/?p=gigi.git;a=blobdiff_plain;f=src%2Fclub%2Fwpia%2Fgigi%2Fpasswords%2FPasswordHashChecker.java;h=5c6e3a06ea97ce31486bc92f8e00935d3fd85f9e;hp=32eda623a8164bcffc3725fa4c99f531c6584308;hb=0a958a5d1010a3ff08ad24fd870fda322bdb08b1;hpb=f9799a61d559290c1ba6f6de557535348480caa0 diff --git a/src/club/wpia/gigi/passwords/PasswordHashChecker.java b/src/club/wpia/gigi/passwords/PasswordHashChecker.java index 32eda623..5c6e3a06 100644 --- a/src/club/wpia/gigi/passwords/PasswordHashChecker.java +++ b/src/club/wpia/gigi/passwords/PasswordHashChecker.java @@ -76,6 +76,7 @@ public class PasswordHashChecker implements PasswordChecker { private boolean knownPasswordHash(byte[] passwordHash) throws IOException { long targetEstimate = estimateHashOffset(passwordHash); long bestGuess = targetEstimate; + bestGuess = clampOffset(bestGuess); hashBuffer.clear(); database.read(hashBuffer, bestGuess); @@ -86,6 +87,7 @@ public class PasswordHashChecker implements PasswordChecker { break; } bestGuess = bestGuess + targetEstimate - bestGuessEstimate; + bestGuess = clampOffset(bestGuess); hashBuffer.clear(); database.read(hashBuffer, bestGuess); } @@ -97,6 +99,9 @@ public class PasswordHashChecker implements PasswordChecker { int newSearchDirection = searchDirection; while (searchDirection == newSearchDirection) { bestGuess += digestLength * searchDirection; + if (bestGuess < 0 || bestGuess >= database.size()) { + break; + } hashBuffer.clear(); database.read(hashBuffer, bestGuess); newSearchDirection = compareHashes(passwordHash, hashBuffer.array()); @@ -127,4 +132,14 @@ public class PasswordHashChecker implements PasswordChecker { / (1L << 32); return (pos / digestLength) * digestLength; } + + private long clampOffset(long offset) throws IOException { + if (offset < 0) { + return 0; + } + if (offset >= database.size()) { + return database.size() - 1; + } + return offset; + } }