c - 如何在 C 中比较和解密 md5 密码哈希值？

Question

该程序用于比较密码哈希值。我得到它说Reading (filename) ，但后来我得到了 segmentation fault (core dumped)错误。我相信我的 main 或 readfile 函数有问题。 fscanf 是否导致了这里的问题？ main 中 for 循环的中间参数是什么，我相信它是行数，对吗？我已经提供了更好的指导意见。

#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include "crypt.h"

int tryguess(char *hash, char *guess)
{
    // Extract the salt from the hash
    char *salt;
    memcpy(salt, &hash[3], 8);
    salt[8] = '\0'; 
    // Hash the guess using the salt
    char *hashGuess = md5crypt(guess, salt);
    // Compare the two hashes
    if (strcmp(hashGuess, hash) == 0)
    {
        return 1;
    }
    else
    {
        return 0;
    }
}

// Given a hash and a dictionary of guesses,
// try all guesses and return the matching guess.
char *crack(char *hash, char *dict[])
{
    int i = 0;
    while (dict[i])
    {
        if (tryguess(hash, dict[i])) return dict[i];
        i++;
    }
    return NULL;
}

// Read in a file.
// The first line of the file is the number of lines in the file.
// Returns an array of strings, with the last element being a NULL
// indicating the end of the array.
char **read_file(char *fname)
{
    char **dict;

    printf("Reading %s\n", fname);

    FILE *d = fopen(fname, "r");

    if (! d) return NULL;
    // Get the number of lines in the file
    char *size;
    fscanf(d, "%s[^\n]", size);
    int filesize = atoi(size); 

    // Allocate memory for the array of strings (character pointers)
    dict[0] = malloc(100 * sizeof(char *));

    // Read in the rest of the file, allocting memory for each string
    // as we go.
    int count = 0;
    int index = 0;
    while (count < filesize)
    {
        for (int i = 0; dict[i] != NULL; i++)
        {
            fscanf(d, "%s[^\n]\n", dict[i]);
            if (dict[i+1] != NULL)
            {
                dict[i+1] = malloc(1000);
            }
            count++;
            index++;
        }
    }


    // NULL termination. Last entry in the array should be NULL.
    dict[index] = NULL;

    printf("Done\n");
    fclose(d);
    return dict;
  }

int main(int argc, char *argv[])
{
    if (argc < 2) 
    {
        printf("Usage: %s hash_file dict_file\n", argv[0]);
        exit(1);
    }

    char **dictionary = read_file(argv[2]);
    char **hashes = read_file(argv[1]);

    // For each hash, try every entry in the dictionary.
    // Print the matching dictionary entry.
    for (int i = 0; i < (# of lines); i++)
    {
    char *hash = hashes[i];
    char *result = crack(hash, dictionary);
    printf("%s", result);
    }   
}

Answer 1

我看到的一个问题是(这可能导致段错误):

// Extract the salt from the hash
char *salt;
memcpy(salt, &hash[3], 8);
salt[8] = '\0'; 

你不能向salt写入任何内容，因为它只是指针， 尚未完成内存分配。 如果您知道它的最大大小，您可以在堆栈上声明它，例如，char salt[16];。 用法也类似:memcpy(salt, &hash[3], 8);