首頁 探索 說明
登入
hongwenjun
/
musl
镜像来自 https://git.musl-libc.org/git/musl
1
0
複刻 0
Files 問題管理 0 Wiki
瀏覽代碼

anti-DoS rounds count limits for blowfish and des crypt

all of the limits could use review, but err on the side of avoiding
excessive rounds for now.
Rich Felker 12 年之前
父節點
507b6091fa
當前提交
13157b025e
共有 2 個文件被更改,包括 2 次插入2 次删除
分割檢視 顯示文件統計
  1. 1 1
      src/misc/crypt_blowfish.c
  2. 1 1
      src/misc/crypt_des.c

+ 1 - 1
src/misc/crypt_blowfish.c
查看文件 

@@ -625,7 +625,7 @@ static char *BF_crypt(const char *key, const char *setting,
 
 	}
 
 
 	count = (BF_word)1 << ((setting[4] - '0') * 10 + (setting[5] - '0'));
 
-	if (count < min || BF_decode(data.binary.salt, &setting[7], 16)) {
 
+	if (count < min || count > 2048 || BF_decode(data.binary.salt, &setting[7], 16)) {
 
 		return NULL;
 
 	}
 
 	BF_swap(data.binary.salt, 4);

+ 1 - 1
src/misc/crypt_des.c
查看文件 

@@ -911,7 +911,7 @@ static char *_crypt_extended_r_uut(const char *_key, const char *_setting, char
 
 				return NULL;
 
 			count |= value << (i - 1) * 6;
 
 		}
 
-		if (!count)
 
+		if (!count || count > 262143)
 
 			return NULL;
 
 
 		for (i = 5, salt = 0; i < 9; i++) {