diff options
author | Niels Provos <provos@cvs.openbsd.org> | 2000-08-02 15:09:42 +0000 |
---|---|---|
committer | Niels Provos <provos@cvs.openbsd.org> | 2000-08-02 15:09:42 +0000 |
commit | a9d52de75a665e9fae8aafbfc14a8cf14cb8255a (patch) | |
tree | b3ef6a00442447912edba26864c24b1f78c5433f | |
parent | 3c2a2dbe0affed20514d2e380c5eb249f52453c7 (diff) |
return error if salt is too small; pr 1336
-rw-r--r-- | lib/libc/crypt/bcrypt.c | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/lib/libc/crypt/bcrypt.c b/lib/libc/crypt/bcrypt.c index 1b121fb28f7..99338a95080 100644 --- a/lib/libc/crypt/bcrypt.c +++ b/lib/libc/crypt/bcrypt.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bcrypt.c,v 1.12 1998/08/10 18:33:07 provos Exp $ */ +/* $OpenBSD: bcrypt.c,v 1.13 2000/08/02 15:09:41 provos Exp $ */ /* * Copyright 1997 Niels Provos <provos@physnet.uni-hamburg.de> @@ -244,6 +244,9 @@ bcrypt(key, salt) /* Discard num rounds + "$" identifier */ salt += 3; + if (strlen(salt) * 3 / 4 < BCRYPT_MAXSALT) + return error; + /* We dont want the base64 salt but the raw data */ decode_base64(csalt, BCRYPT_MAXSALT, (u_int8_t *) salt); salt_len = BCRYPT_MAXSALT; |