From 1aac940d9977aaf0d04bb4eafe4cc1c7acfe71b5 Mon Sep 17 00:00:00 2001
From: otto <>
Date: Wed, 22 Dec 2004 17:33:25 +0000
Subject: Test the upper limit for the max # of rounds to, to avoid wrapping
 and ending up with a low number of rounds. Spotted by mpech@; ok mpech@
 millert@

---
 src/lib/libc/crypt/bcrypt.c | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

(limited to 'src/lib')

diff --git a/src/lib/libc/crypt/bcrypt.c b/src/lib/libc/crypt/bcrypt.c
index 95251db1cd..6e1ae04e1b 100644
--- a/src/lib/libc/crypt/bcrypt.c
+++ b/src/lib/libc/crypt/bcrypt.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: bcrypt.c,v 1.18 2003/08/07 00:28:45 deraadt Exp $	*/
+/*	$OpenBSD: bcrypt.c,v 1.19 2004/12/22 17:33:25 otto Exp $	*/
 
 /*
  * Copyright 1997 Niels Provos <provos@physnet.uni-hamburg.de>
@@ -164,6 +164,8 @@ bcrypt_gensalt(u_int8_t log_rounds)
 
 	if (log_rounds < 4)
 		log_rounds = 4;
+	else if (log_rounds > 31)
+		log_rounds = 31;
 
 	encode_salt(gsalt, csalt, BCRYPT_MAXSALT, log_rounds);
 	return gsalt;
@@ -212,7 +214,10 @@ bcrypt(const char *key, const char *salt)
 		return error;
 
 	/* Computer power doesn't increase linear, 2^x should be fine */
-	if ((rounds = (u_int32_t) 1 << (logr = atoi(salt))) < BCRYPT_MINROUNDS)
+	logr = atoi(salt);
+	if (logr > 31)
+		return error;
+	if ((rounds = (u_int32_t) 1 << logr) < BCRYPT_MINROUNDS)
 		return error;
 
 	/* Discard num rounds + "$" identifier */
-- 
cgit v1.2.3-55-g6feb