diff options
| author | Otto Moerbeek <otto@cvs.openbsd.org> | 2004-12-22 17:33:26 +0000 |
|---|---|---|
| committer | Otto Moerbeek <otto@cvs.openbsd.org> | 2004-12-22 17:33:26 +0000 |
| commit | 159452f7c6de6c2f46c55748204c8032b824210d (patch) | |
| tree | 8bc1c861f1bed826935cbc133a25db5bfe1e5532 /lib | |
| parent | 7ae9a0283010f2d9acbf6121c412228022c9a1e0 (diff) | |
Test the upper limit for the max # of rounds to, to avoid wrapping and ending
up with a low number of rounds. Spotted by mpech@; ok mpech@ millert@
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/libc/crypt/bcrypt.c | 9 |
1 files changed, 7 insertions, 2 deletions
diff --git a/lib/libc/crypt/bcrypt.c b/lib/libc/crypt/bcrypt.c index 95251db1cdb..6e1ae04e1b5 100644 --- a/lib/libc/crypt/bcrypt.c +++ b/lib/libc/crypt/bcrypt.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bcrypt.c,v 1.18 2003/08/07 00:28:45 deraadt Exp $ */ +/* $OpenBSD: bcrypt.c,v 1.19 2004/12/22 17:33:25 otto Exp $ */ /* * Copyright 1997 Niels Provos <provos@physnet.uni-hamburg.de> @@ -164,6 +164,8 @@ bcrypt_gensalt(u_int8_t log_rounds) if (log_rounds < 4) log_rounds = 4; + else if (log_rounds > 31) + log_rounds = 31; encode_salt(gsalt, csalt, BCRYPT_MAXSALT, log_rounds); return gsalt; @@ -212,7 +214,10 @@ bcrypt(const char *key, const char *salt) return error; /* Computer power doesn't increase linear, 2^x should be fine */ - if ((rounds = (u_int32_t) 1 << (logr = atoi(salt))) < BCRYPT_MINROUNDS) + logr = atoi(salt); + if (logr > 31) + return error; + if ((rounds = (u_int32_t) 1 << logr) < BCRYPT_MINROUNDS) return error; /* Discard num rounds + "$" identifier */ |