From 13157b025e7e19f7ecc27ee93e69057b7fda9b37 Mon Sep 17 00:00:00 2001 From: Rich Felker Date: Wed, 29 Aug 2012 12:56:12 -0400 Subject: anti-DoS rounds count limits for blowfish and des crypt all of the limits could use review, but err on the side of avoiding excessive rounds for now. --- src/misc/crypt_blowfish.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'src/misc/crypt_blowfish.c') diff --git a/src/misc/crypt_blowfish.c b/src/misc/crypt_blowfish.c index d3f79851..bd37be84 100644 --- a/src/misc/crypt_blowfish.c +++ b/src/misc/crypt_blowfish.c @@ -625,7 +625,7 @@ static char *BF_crypt(const char *key, const char *setting, } count = (BF_word)1 << ((setting[4] - '0') * 10 + (setting[5] - '0')); - if (count < min || BF_decode(data.binary.salt, &setting[7], 16)) { + if (count < min || count > 2048 || BF_decode(data.binary.salt, &setting[7], 16)) { return NULL; } BF_swap(data.binary.salt, 4); -- cgit 1.4.1