The number of rounds is just two digits in the salt. We've already

verified that they are there via isdigit() so we can convert from ASCII to an int without using atoi(). OK guenther@ deraadt@
author: millert <> 2015-09-13 12:42:39 +0000
committer: millert <> 2015-09-13 12:42:39 +0000
commit: aabba0bcd2c9f46be67b8024dc2ff7cacb7dc930 (patch)
tree: 390a499ce2ca95ef863b9b8479909ea9b3a70ba2 /src/lib/libc/crypt
parent: e2751f37728059d10cda50d45e3365a1110f26ff (diff)
download: openbsd-aabba0bcd2c9f46be67b8024dc2ff7cacb7dc930.tar.gz
openbsd-aabba0bcd2c9f46be67b8024dc2ff7cacb7dc930.tar.bz2
openbsd-aabba0bcd2c9f46be67b8024dc2ff7cacb7dc930.zip
1 files changed, 2 insertions, 2 deletions
diff --git a/src/lib/libc/crypt/bcrypt.c b/src/lib/libc/crypt/bcrypt.c
index 04c04e89af..0e6b00f12d 100644
--- a/src/lib/libc/crypt/bcrypt.c
+++ b/src/lib/libc/crypt/bcrypt.c
@@ -1,4 +1,4 @@
-/*      $OpenBSD: bcrypt.c,v 1.53 2015/07/18 00:56:37 tedu Exp $        */
+/*      $OpenBSD: bcrypt.c,v 1.54 2015/09/13 12:42:39 millert Exp $     */
 /*
 * Copyright (c) 2014 Ted Unangst <tedu@openbsd.org>
@@ -138,7 +138,7 @@ bcrypt_hashpass(const char *key, const char *salt, char *encrypted,
        if (!isdigit((unsigned char)salt[0]) ||
            !isdigit((unsigned char)salt[1]) || salt[2] != '$')
                goto inval;
-        logr = atoi(salt);
+        logr = (salt[1] - '0') + ((salt[0] - '0') * 10);
        if (logr < BCRYPT_MINLOGROUNDS || logr > 31)
                goto inval;
        /* Computer power doesn't increase linearly, 2^x should be fine */
author	millert <>	2015-09-13 12:42:39 +0000
committer	millert <>	2015-09-13 12:42:39 +0000
commit	aabba0bcd2c9f46be67b8024dc2ff7cacb7dc930 (patch)
tree	390a499ce2ca95ef863b9b8479909ea9b3a70ba2 /src/lib/libc/crypt
parent	e2751f37728059d10cda50d45e3365a1110f26ff (diff)
download	openbsd-aabba0bcd2c9f46be67b8024dc2ff7cacb7dc930.tar.gz openbsd-aabba0bcd2c9f46be67b8024dc2ff7cacb7dc930.tar.bz2 openbsd-aabba0bcd2c9f46be67b8024dc2ff7cacb7dc930.zip

diff --git a/src/lib/libc/crypt/bcrypt.c b/src/lib/libc/crypt/bcrypt.c index 04c04e89af..0e6b00f12d 100644 --- a/src/lib/libc/crypt/bcrypt.c +++ b/src/lib/libc/crypt/bcrypt.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: bcrypt.c,v 1.53 2015/07/18 00:56:37 tedu Exp $ */	1	/* $OpenBSD: bcrypt.c,v 1.54 2015/09/13 12:42:39 millert Exp $ */
2		2
3	/*	3	/*
4	* Copyright (c) 2014 Ted Unangst <tedu@openbsd.org>	4	* Copyright (c) 2014 Ted Unangst <tedu@openbsd.org>
@@ -138,7 +138,7 @@ bcrypt_hashpass(const char key, const char salt, char *encrypted,
138	if (!isdigit((unsigned char)salt[0]) \|\|	138	if (!isdigit((unsigned char)salt[0]) \|\|
139	!isdigit((unsigned char)salt[1]) \|\| salt[2] != '$')	139	!isdigit((unsigned char)salt[1]) \|\| salt[2] != '$')
140	goto inval;	140	goto inval;
141	logr = atoi(salt);	141	logr = (salt[1] - '0') + ((salt[0] - '0') * 10);
142	if (logr < BCRYPT_MINLOGROUNDS \|\| logr > 31)	142	if (logr < BCRYPT_MINLOGROUNDS \|\| logr > 31)
143	goto inval;	143	goto inval;
144	/* Computer power doesn't increase linearly, 2^x should be fine */	144	/* Computer power doesn't increase linearly, 2^x should be fine */