From fd6d62e96b81f055cd4c12eab824a3d30d264979 Mon Sep 17 00:00:00 2001
From: deraadt <>
Date: Mon, 3 Apr 2006 19:55:49 +0000
Subject: be more careful with atoi() result; ok otto

---
 src/lib/libc/crypt/bcrypt.c | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

(limited to 'src/lib')

diff --git a/src/lib/libc/crypt/bcrypt.c b/src/lib/libc/crypt/bcrypt.c
index 6e1ae04e1b..cdc2dd05a6 100644
--- a/src/lib/libc/crypt/bcrypt.c
+++ b/src/lib/libc/crypt/bcrypt.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: bcrypt.c,v 1.19 2004/12/22 17:33:25 otto Exp $	*/
+/*	$OpenBSD: bcrypt.c,v 1.20 2006/04/03 19:55:49 deraadt Exp $	*/
 
 /*
  * Copyright 1997 Niels Provos <provos@physnet.uni-hamburg.de>
@@ -183,6 +183,7 @@ bcrypt(const char *key, const char *salt)
 	u_int8_t ciphertext[4 * BCRYPT_BLOCKS] = "OrpheanBeholderScryDoubt";
 	u_int8_t csalt[BCRYPT_MAXSALT];
 	u_int32_t cdata[BCRYPT_BLOCKS];
+	int n;
 
 	/* Discard "$" identifier */
 	salt++;
@@ -214,9 +215,10 @@ bcrypt(const char *key, const char *salt)
 		return error;
 
 	/* Computer power doesn't increase linear, 2^x should be fine */
-	logr = atoi(salt);
-	if (logr > 31)
+	n = atoi(salt);
+	if (n > 31 || n < 0)
 		return error;
+	logr = (u_int8_t)n;
 	if ((rounds = (u_int32_t) 1 << logr) < BCRYPT_MINROUNDS)
 		return error;
 
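Review bot: The range check on `n` still accepts malformed cost fields, because `atoi(salt)` skips leading whitespace, accepts a sign, stops silently at the first non-digit, and has undefined behaviour when the value does not fit in an `int`. A salt whose cost field is, for example, `" 9"` or `"+9"` therefore parses to an in-range value instead of being rejected. If the field is meant to be exactly two decimal digits (the hunk does not show the format checks earlier in `bcrypt()`), a guard before the conversion would close this: `if (!isdigit((unsigned char)salt[0]) || !isdigit((unsigned char)salt[1])) return error;`. That needs `<ctype.h>`, and the include block is outside this hunk. It would also be worth a short comment on `logr = (u_int8_t)n;` saying the cast is safe only because `n` was just bounded to 0..31.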
-- 
cgit v1.2.3-55-g6feb