1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
|
From cf115059ba0ecd611008c89c78c37b62f8e6d6af Mon Sep 17 00:00:00 2001
From: Rich Felker <dalias@aerifal.cx>
Date: Tue, 16 Feb 2016 17:38:07 -0500
Subject: [PATCH] in crypt-sha*, reject excessive rounds as error rather than
clamping
the reference implementation clamps rounds to [1000,999999999]. we
further limited rounds to at most 9999999 as a defense against extreme
run times, but wrongly clamped instead of treating out-of-bounds
values as an error, thereby producing implementation-specific hash
results. fixing this should not break anything since values of rounds
this high are not useful anyway.
---
src/crypt/crypt_sha256.c | 2 +-
src/crypt/crypt_sha512.c | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/crypt/crypt_sha256.c b/src/crypt/crypt_sha256.c
index d5f0b78..e885dc6 100644
--- a/src/crypt/crypt_sha256.c
+++ b/src/crypt/crypt_sha256.c
@@ -230,7 +230,7 @@ static char *sha256crypt(const char *key, const char *setting, char *output)
if (u < ROUNDS_MIN)
r = ROUNDS_MIN;
else if (u > ROUNDS_MAX)
- r = ROUNDS_MAX;
+ return 0;
else
r = u;
/* needed when rounds is zero prefixed or out of bounds */
diff --git a/src/crypt/crypt_sha512.c b/src/crypt/crypt_sha512.c
index 1294e98..39970ca 100644
--- a/src/crypt/crypt_sha512.c
+++ b/src/crypt/crypt_sha512.c
@@ -252,7 +252,7 @@ static char *sha512crypt(const char *key, const char *setting, char *output)
if (u < ROUNDS_MIN)
r = ROUNDS_MIN;
else if (u > ROUNDS_MAX)
- r = ROUNDS_MAX;
+ return 0;
else
r = u;
/* needed when rounds is zero prefixed or out of bounds */
--
2.7.1
|
