diff options
| author | provos <> | 2000-08-02 15:09:41 +0000 |
|---|---|---|
| committer | provos <> | 2000-08-02 15:09:41 +0000 |
| commit | eb8442a688c6dc3a405a48f66e8b7cf315fca5bc (patch) | |
| tree | c4d25142ca5685b46e7c364abd7c7f4c98dd180e /src/lib/libc/crypt | |
| parent | e56127299dd3bb78db3838b2df516606d1911299 (diff) | |
| download | openbsd-eb8442a688c6dc3a405a48f66e8b7cf315fca5bc.tar.gz openbsd-eb8442a688c6dc3a405a48f66e8b7cf315fca5bc.tar.bz2 openbsd-eb8442a688c6dc3a405a48f66e8b7cf315fca5bc.zip | |
return error if salt is too small; pr 1336
Diffstat (limited to 'src/lib/libc/crypt')
| -rw-r--r-- | src/lib/libc/crypt/bcrypt.c | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/src/lib/libc/crypt/bcrypt.c b/src/lib/libc/crypt/bcrypt.c index 1b121fb28f..99338a9508 100644 --- a/src/lib/libc/crypt/bcrypt.c +++ b/src/lib/libc/crypt/bcrypt.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: bcrypt.c,v 1.12 1998/08/10 18:33:07 provos Exp $ */ | 1 | /* $OpenBSD: bcrypt.c,v 1.13 2000/08/02 15:09:41 provos Exp $ */ |
| 2 | 2 | ||
| 3 | /* | 3 | /* |
| 4 | * Copyright 1997 Niels Provos <provos@physnet.uni-hamburg.de> | 4 | * Copyright 1997 Niels Provos <provos@physnet.uni-hamburg.de> |
| @@ -244,6 +244,9 @@ bcrypt(key, salt) | |||
| 244 | /* Discard num rounds + "$" identifier */ | 244 | /* Discard num rounds + "$" identifier */ |
| 245 | salt += 3; | 245 | salt += 3; |
| 246 | 246 | ||
| 247 | if (strlen(salt) * 3 / 4 < BCRYPT_MAXSALT) | ||
| 248 | return error; | ||
| 249 | |||
| 247 | /* We dont want the base64 salt but the raw data */ | 250 | /* We dont want the base64 salt but the raw data */ |
| 248 | decode_base64(csalt, BCRYPT_MAXSALT, (u_int8_t *) salt); | 251 | decode_base64(csalt, BCRYPT_MAXSALT, (u_int8_t *) salt); |
| 249 | salt_len = BCRYPT_MAXSALT; | 252 | salt_len = BCRYPT_MAXSALT; |