From eb8442a688c6dc3a405a48f66e8b7cf315fca5bc Mon Sep 17 00:00:00 2001
From: provos <>
Date: Wed, 2 Aug 2000 15:09:41 +0000
Subject: return error if salt is too small; pr 1336

---
 src/lib/libc/crypt/bcrypt.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/src/lib/libc/crypt/bcrypt.c b/src/lib/libc/crypt/bcrypt.c
index 1b121fb28f..99338a9508 100644
--- a/src/lib/libc/crypt/bcrypt.c
+++ b/src/lib/libc/crypt/bcrypt.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: bcrypt.c,v 1.12 1998/08/10 18:33:07 provos Exp $	*/
+/*	$OpenBSD: bcrypt.c,v 1.13 2000/08/02 15:09:41 provos Exp $	*/
 
 /*
  * Copyright 1997 Niels Provos <provos@physnet.uni-hamburg.de>
@@ -244,6 +244,9 @@ bcrypt(key, salt)
 	/* Discard num rounds + "$" identifier */
 	salt += 3;
 
+	if (strlen(salt) * 3 / 4 < BCRYPT_MAXSALT)
+		return error;
+
 	/* We dont want the base64 salt but the raw data */
 	decode_base64(csalt, BCRYPT_MAXSALT, (u_int8_t *) salt);
 	salt_len = BCRYPT_MAXSALT;
-- 
cgit v1.2.3-55-g6feb