diff options
| author | Rich Felker <dalias@aerifal.cx> | 2012-08-29 12:56:12 -0400 |
|---|---|---|
| committer | Rich Felker <dalias@aerifal.cx> | 2012-08-29 12:56:12 -0400 |
| commit | 13157b025e7e19f7ecc27ee93e69057b7fda9b37 (patch) | |
| tree | e8fdf04dfc0e69d70cd55949ad7420b79da07bcc /src/misc/crypt_blowfish.c | |
| parent | 507b6091fa75903ff05c21a4470b7b7cc3061d0d (diff) | |
| download | musl-13157b025e7e19f7ecc27ee93e69057b7fda9b37.tar.gz musl-13157b025e7e19f7ecc27ee93e69057b7fda9b37.tar.xz musl-13157b025e7e19f7ecc27ee93e69057b7fda9b37.zip | |
anti-DoS rounds count limits for blowfish and des crypt
all of the limits could use review, but err on the side of avoiding excessive rounds for now.
Diffstat (limited to 'src/misc/crypt_blowfish.c')
| -rw-r--r-- | src/misc/crypt_blowfish.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/misc/crypt_blowfish.c b/src/misc/crypt_blowfish.c index d3f79851..bd37be84 100644 --- a/src/misc/crypt_blowfish.c +++ b/src/misc/crypt_blowfish.c @@ -625,7 +625,7 @@ static char *BF_crypt(const char *key, const char *setting, } count = (BF_word)1 << ((setting[4] - '0') * 10 + (setting[5] - '0')); - if (count < min || BF_decode(data.binary.salt, &setting[7], 16)) { + if (count < min || count > 2048 || BF_decode(data.binary.salt, &setting[7], 16)) { return NULL; } BF_swap(data.binary.salt, 4); |