diff options
author | niq <niq@13f79535-47bb-0310-9956-ffa450edef68> | 2016-12-06 22:30:55 +0000 |
---|---|---|
committer | niq <niq@13f79535-47bb-0310-9956-ffa450edef68> | 2016-12-06 22:30:55 +0000 |
commit | a47dd553c22a967dc21065c215ca2d461107d718 (patch) | |
tree | 0d89031942d1a93b39b779ac7510fae01b72189a | |
parent | a41a7264c1b1f300176d70b03969edaf5dcb16b1 (diff) | |
download | libapr-util-a47dd553c22a967dc21065c215ca2d461107d718.tar.gz |
apr_crypto: avoid excessive iteration in bcrypt hash. [Hanno Böck]
git-svn-id: http://svn.apache.org/repos/asf/apr/apr-util/branches/1.6.x@1772979 13f79535-47bb-0310-9956-ffa450edef68
-rw-r--r-- | CHANGES | 3 | ||||
-rw-r--r-- | crypto/crypt_blowfish.c | 2 |
2 files changed, 4 insertions, 1 deletions
@@ -1,6 +1,9 @@ -*- coding: utf-8 -*- Changes with APR-util 1.6.0 + *) apr_crypto: avoid excessive iteration in bcrypt hash. + [Hanno Böck <hanno hboeck.de>] + *) apr_siphash: Implement keyed hash function SipHash. [Yann Ylavic] *) apr_crypto: Add apr_crypto_key() function which supports keys diff --git a/crypto/crypt_blowfish.c b/crypto/crypt_blowfish.c index ec9a188b..013c1ed8 100644 --- a/crypto/crypt_blowfish.c +++ b/crypto/crypt_blowfish.c @@ -877,7 +877,7 @@ char *_crypt_gensalt_blowfish_rn(const char *prefix, unsigned long count, const char *input, int size, char *output, int output_size) { if (size < 16 || output_size < 7 + 22 + 1 || - (count && (count < 4 || count > 31)) || + (count && (count < 4 || count > 17)) || prefix[0] != '$' || prefix[1] != '2' || (prefix[2] != 'a' && prefix[2] != 'y')) { if (output_size > 0) output[0] = '\0'; |