From 7708e05b5cd1f8b089f537629494641ceb5b1e0b Mon Sep 17 00:00:00 2001 From: tedu Date: Sat, 19 Apr 2014 15:17:59 +0000 Subject: [PATCH] improved checking for invalid hashes. from solar designer --- lib/libc/crypt/bcrypt.c | 16 ++++++++++------ 1 file changed, 10 insertions(+), 6 deletions(-) diff --git a/lib/libc/crypt/bcrypt.c b/lib/libc/crypt/bcrypt.c index d7af344b972..a077c99de57 100644 --- a/lib/libc/crypt/bcrypt.c +++ b/lib/libc/crypt/bcrypt.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bcrypt.c,v 1.37 2014/04/08 20:14:25 tedu Exp $ */ +/* $OpenBSD: bcrypt.c,v 1.38 2014/04/19 15:17:59 tedu Exp $ */ /* * Copyright (c) 2014 Ted Unangst @@ -97,11 +97,12 @@ bcrypt_hashpass(const char *key, const char *salt, char *encrypted, char arounds[3]; /* Discard "$" identifier */ + if (*salt != '$') + return -1; salt++; - if (*salt > BCRYPT_VERSION) { + if (*salt != BCRYPT_VERSION) return -1; - } /* Check for minor versions */ if (salt[1] != '$') { @@ -110,6 +111,8 @@ bcrypt_hashpass(const char *key, const char *salt, char *encrypted, case 'b': /* cap input length at 72 bytes */ minor = salt[1]; salt++; + if (salt[1] != '$') + return -1; break; default: return -1; @@ -141,7 +144,8 @@ bcrypt_hashpass(const char *key, const char *salt, char *encrypted, return -1; /* We dont want the base64 salt but the raw data */ - decode_base64(csalt, BCRYPT_MAXSALT, salt); + if (decode_base64(csalt, BCRYPT_MAXSALT, salt)) + return -1; salt_len = BCRYPT_MAXSALT; if (minor <= 'a') key_len = (u_int8_t)(strlen(key) + (minor >= 'a' ? 1 : 0)); @@ -284,7 +288,7 @@ decode_base64(u_int8_t *buffer, size_t len, const char *b64data) c3 = CHAR64(*(p + 2)); if (c3 == 255) - break; + return -1; *bp++ = ((c2 & 0x0f) << 4) | ((c3 & 0x3c) >> 2); if (bp >= buffer + len) @@ -292,7 +296,7 @@ decode_base64(u_int8_t *buffer, size_t len, const char *b64data) c4 = CHAR64(*(p + 3)); if (c4 == 255) - break; + return -1; *bp++ = ((c3 & 0x03) << 6) | c4; p += 4; -- 2.20.1