diff options
author | Nick Kew <niq@apache.org> | 2016-12-05 20:56:59 +0000 |
---|---|---|
committer | Nick Kew <niq@apache.org> | 2016-12-05 20:56:59 +0000 |
commit | 13ba0326188b65db8d4cdea955383bebffde8b20 (patch) | |
tree | d9c0b9cffb4fe2939601cf54b329efa95e9bdb49 /crypto/crypt_blowfish.c | |
parent | 32f0f5706ff91e1ff18b3ca9c5ace7ba997d1616 (diff) | |
download | apr-13ba0326188b65db8d4cdea955383bebffde8b20.tar.gz |
apr_crypt: avoid excessive iteration in bcrypt hash.
Patch by Hanno Böck
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@1772803 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'crypto/crypt_blowfish.c')
-rw-r--r-- | crypto/crypt_blowfish.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/crypto/crypt_blowfish.c b/crypto/crypt_blowfish.c index ec9a188b3..013c1ed82 100644 --- a/crypto/crypt_blowfish.c +++ b/crypto/crypt_blowfish.c @@ -877,7 +877,7 @@ char *_crypt_gensalt_blowfish_rn(const char *prefix, unsigned long count, const char *input, int size, char *output, int output_size) { if (size < 16 || output_size < 7 + 22 + 1 || - (count && (count < 4 || count > 31)) || + (count && (count < 4 || count > 17)) || prefix[0] != '$' || prefix[1] != '2' || (prefix[2] != 'a' && prefix[2] != 'y')) { if (output_size > 0) output[0] = '\0'; |