首页 发现 帮助
登录
hongwenjun
/
musl
镜像自地址 https://git.musl-libc.org/git/musl
1
0
派生 0
文件 工单管理 0 Wiki
浏览代码

anti-DoS rounds count limits for blowfish and des crypt

all of the limits could use review, but err on the side of avoiding
excessive rounds for now.
Rich Felker 12 年之前
父节点
507b6091fa
当前提交
13157b025e
共有 2 个文件被更改,包括 2 次插入2 次删除
分列视图 显示文件统计
  1. 1 1
      src/misc/crypt_blowfish.c
  2. 1 1
      src/misc/crypt_des.c

+ 1 - 1
src/misc/crypt_blowfish.c
查看文件 

@@ -625,7 +625,7 @@ static char *BF_crypt(const char *key, const char *setting,
 
 	}
 
 
 	count = (BF_word)1 << ((setting[4] - '0') * 10 + (setting[5] - '0'));
 
-	if (count < min || BF_decode(data.binary.salt, &setting[7], 16)) {
 
+	if (count < min || count > 2048 || BF_decode(data.binary.salt, &setting[7], 16)) {
 
 		return NULL;
 
 	}
 
 	BF_swap(data.binary.salt, 4);

+ 1 - 1
src/misc/crypt_des.c
查看文件 

@@ -911,7 +911,7 @@ static char *_crypt_extended_r_uut(const char *_key, const char *_setting, char
 
 				return NULL;
 
 			count |= value << (i - 1) * 6;
 
 		}
 
-		if (!count)
 
+		if (!count || count > 262143)
 
 			return NULL;
 
 
 		for (i = 5, salt = 0; i < 9; i++) {