authorotto <otto@openbsd.org>2004-12-22 17:33:25 +0000
committerotto <otto@openbsd.org>2004-12-22 17:33:25 +0000
commite0c55b3767508ea26ee07b2daa44677983773d50 (patch)
tree59b5c9eca6380cd231f7724358736dc40c00e292 /lib/libc/crypt/bcrypt.c
parentg/c str_zcpy() (diff)
Test the upper limit for the max # of rounds too, to avoid wrapping and ending
up with a low number of rounds. Spotted by mpech@; ok mpech@ millert@
Diffstat (limited to 'lib/libc/crypt/bcrypt.c')
-rw-r--r--lib/libc/crypt/bcrypt.c9
1 files changed, 7 insertions, 2 deletions
diff --git a/lib/libc/crypt/bcrypt.c b/lib/libc/crypt/bcrypt.c
index 95251db1cdb..6e1ae04e1b5 100644
--- a/lib/libc/crypt/bcrypt.c
+++ b/lib/libc/crypt/bcrypt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: bcrypt.c,v 1.18 2003/08/07 00:28:45 deraadt Exp $ */
+/* $OpenBSD: bcrypt.c,v 1.19 2004/12/22 17:33:25 otto Exp $ */
/*
* Copyright 1997 Niels Provos <provos@physnet.uni-hamburg.de>
@@ -164,6 +164,8 @@ bcrypt_gensalt(u_int8_t log_rounds)
if (log_rounds < 4)
log_rounds = 4;
+ else if (log_rounds > 31)
+ log_rounds = 31;
encode_salt(gsalt, csalt, BCRYPT_MAXSALT, log_rounds);
return gsalt;
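Review bot: The bound `31` is a bare literal in the added `else if (log_rounds > 31)` clamp, and the same literal is repeated in the `logr > 31` check in bcrypt() in the third hunk. The value comes from the width of the `u_int32_t` shift that computes `rounds`, so the two sites must stay in step. I would give it a name next to `BCRYPT_MINROUNDS`, for example `#define BCRYPT_MAXLOGROUNDS 31 /* 1 << logr must fit in u_int32_t rounds */`, and use it in both places. Note also that bcrypt_gensalt() silently lowers an over-large request while bcrypt() rejects one; a short comment on the clamp saying this is intentional would help. The body of bcrypt_gensalt() starts and ends outside the hunk.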
@@ -212,7 +214,10 @@ bcrypt(const char *key, const char *salt)
return error;
/* Computer power doesn't increase linear, 2^x should be fine */
- if ((rounds = (u_int32_t) 1 << (logr = atoi(salt))) < BCRYPT_MINROUNDS)
+ logr = atoi(salt);
+ if (logr > 31)
+ return error;
+ if ((rounds = (u_int32_t) 1 << logr) < BCRYPT_MINROUNDS)
return error;
/* Discard num rounds + "$" identifier */
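Review bot: The added `if (logr > 31)` test bounds the value only after `atoi(salt)` has been converted and stored in `logr`, so it does not validate the text of the cost field. `atoi` accepts leading whitespace, a sign and any number of digits, and its behaviour is undefined when the number does not fit in an int. `logr` is declared outside this hunk: if it is narrower than int, a long digit string is truncated before the comparison and can still yield a small round count, and if it is a signed int, a negative value reaches the shift. Checking the field shape before the conversion closes both cases: `if (!isdigit((unsigned char)salt[0]) || !isdigit((unsigned char)salt[1])) return error;` (needs `<ctype.h>`). The body of bcrypt() starts and ends outside the hunk.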