From 0b9e1f82343ae6f72b066bd06cfe81cc83391fb3 Mon Sep 17 00:00:00 2001
From: tedu <>
Date: Mon, 24 Feb 2014 19:45:43 +0000
Subject: [PATCH] solar's testsuite revealed insufficient validation of invalid input hashes. add a more complete check for the rounds parameter. ok deraadt
---
 src/lib/libc/crypt/bcrypt.c | 18 ++++++++++--------
 1 file changed, 10 insertions(+), 8 deletions(-)
diff --git a/src/lib/libc/crypt/bcrypt.c b/src/lib/libc/crypt/bcrypt.c
index 7e283c43..b108cfe0 100644
--- a/src/lib/libc/crypt/bcrypt.c
+++ b/src/lib/libc/crypt/bcrypt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: bcrypt.c,v 1.28 2014/02/17 09:00:20 tedu Exp $ */
+/* $OpenBSD: bcrypt.c,v 1.29 2014/02/24 19:45:43 tedu Exp $ */
 /*
  * Copyright 1997 Niels Provos
@@ -60,7 +60,7 @@
 #define BCRYPT_VERSION '2'
 #define BCRYPT_MAXSALT 16 /* Precomputation is just so nice */
 #define BCRYPT_BLOCKS 6 /* Ciphertext blocks */
-#define BCRYPT_MINROUNDS 16 /* we have log2(rounds) in salt */
+#define BCRYPT_MINLOGROUNDS 4 /* we have log2(rounds) in salt */
 char *bcrypt_gensalt(u_int8_t);
@@ -173,7 +173,7 @@ bcrypt(const char *key, const char *salt)
 u_int8_t ciphertext[4 * BCRYPT_BLOCKS] = "OrpheanBeholderScryDoubt";
 u_int8_t csalt[BCRYPT_MAXSALT];
 u_int32_t cdata[BCRYPT_BLOCKS];
- int n;
+ char arounds[3];
 /* Discard "$" identifier */
 salt++;
@@ -204,13 +204,15 @@ bcrypt(const char *key, const char *salt)
 /* Out of sync with passwd entry */
 return error;
- /* Computer power doesn't increase linear, 2^x should be fine */
- n = atoi(salt);
- if (n > 31 || n < 0)
+ memcpy(arounds, salt, sizeof(arounds));
+ if (arounds[sizeof(arounds) - 1] != '$')
 return error;
- logr = (u_int8_t)n;
- if ((rounds = (u_int32_t) 1 << logr) < BCRYPT_MINROUNDS)
+ arounds[sizeof(arounds) - 1] = 0;
+ logr = strtonum(arounds, BCRYPT_MINLOGROUNDS, 31, NULL);
+ if (logr == 0)
 return error;
+ /* Computer power doesn't increase linearly, 2^x should be fine */
+ rounds = 1U << logr;
 /* Discard num rounds + "$" identifier */
 salt += 3;
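Review bot: The new rounds check in the last hunk still accepts non-canonical cost fields, because strtonum() converts via strtoll(), which skips leading whitespace and accepts a sign; a two-character field such as `+5` or ` 5` therefore parses as 5 and passes the BCRYPT_MINLOGROUNDS..31 range test. Since the stated purpose of the commit is stricter validation of input hashes, I would require both characters to be decimal digits before converting, e.g. `if (!isdigit((unsigned char)arounds[0]) || !isdigit((unsigned char)arounds[1])) return error;` (this needs `<ctype.h>`, whose inclusion is not visible here). The `memcpy` of `sizeof(arounds)` bytes also depends on the preceding check, of which only the comment and `return error;` appear in the hunk, to guarantee that three bytes of `salt` are readable, so a one-line comment such as `/* salt[0..2] checked above: two digits + '$' */` would make that dependency explicit. bcrypt() starts and ends outside the hunk.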