Startsida Utforska Hjälp
Logga in
hongwenjun
/
musl
spegling av https://git.musl-libc.org/git/musl
1
0
Fork 0
Filer Ärenden 0 Wiki
Bläddra i källkod

anti-DoS rounds count limits for blowfish and des crypt

all of the limits could use review, but err on the side of avoiding
excessive rounds for now.
Rich Felker 12 år sedan
förälder
507b6091fa
incheckning
13157b025e
2 ändrade filer med 2 tillägg och 2 borttagningar
Delad Vy Visa Diff Statistik
  1. 1 1
      src/misc/crypt_blowfish.c
  2. 1 1
      src/misc/crypt_des.c

+ 1 - 1
src/misc/crypt_blowfish.c
Visa fil 

@@ -625,7 +625,7 @@ static char *BF_crypt(const char *key, const char *setting,
 
 	}
 
 
 	count = (BF_word)1 << ((setting[4] - '0') * 10 + (setting[5] - '0'));
 
-	if (count < min || BF_decode(data.binary.salt, &setting[7], 16)) {
 
+	if (count < min || count > 2048 || BF_decode(data.binary.salt, &setting[7], 16)) {
 
 		return NULL;
 
 	}
 
 	BF_swap(data.binary.salt, 4);

+ 1 - 1
src/misc/crypt_des.c
Visa fil 

@@ -911,7 +911,7 @@ static char *_crypt_extended_r_uut(const char *_key, const char *_setting, char
 
 				return NULL;
 
 			count |= value << (i - 1) * 6;
 
 		}
 
-		if (!count)
 
+		if (!count || count > 262143)
 
 			return NULL;
 
 
 		for (i = 5, salt = 0; i < 9; i++) {