authorAlex Gaynor <alex.gaynor@gmail.com>2016-10-02 21:20:13 -0400
committerPaul Kehrer <paul.l.kehrer@gmail.com>2016-10-02 20:20:13 -0500
commitfcebaa0db74dc822877128e57a79dcfda2a2dc4f (patch)
tree24c40c116bb945ad671990bc0965d70c82202509
parente977a1deea4712897f1cdae9ee682fef0e8fd1ce (diff)
downloadpy-bcrypt-git-fcebaa0db74dc822877128e57a79dcfda2a2dc4f.tar.gz
Correctly handle invalid hashed passwords in bcrypt.checkpw. (#95)
Previously it would silently accept extra data, and overread a buffer on truncated data. Reported by Matthew Russell
-rw-r--r--src/bcrypt/__init__.py3
-rw-r--r--tests/test_bcrypt.py9
2 files changed, 12 insertions, 0 deletions
diff --git a/src/bcrypt/__init__.py b/src/bcrypt/__init__.py
index cd779a6..301ccb6 100644
--- a/src/bcrypt/__init__.py
+++ b/src/bcrypt/__init__.py
@@ -106,6 +106,9 @@ def checkpw(password, hashed_password):
ret = hashpw(password, hashed_password)
+ if len(ret) != len(hashed_password):
+ return False
+
return _bcrypt.lib.timingsafe_bcmp(ret, hashed_password, len(ret)) == 0
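Review bot: The new length guard in `checkpw` carries no comment explaining why it must precede `timingsafe_bcmp`, and it runs only after `hashpw(password, hashed_password)` has already taken the unvalidated value as its salt. I would put `# timingsafe_bcmp reads len(ret) bytes from both buffers; never call it with a shorter hashed_password` above the `if`, and note there that the early return reveals only the hash length, which is not secret. Whether `hashpw` rejects a value truncated into its salt portion is not visible in this hunk, so `checkpw` may raise instead of returning False for such input; the docstring should say which. The body of `checkpw` starts outside the hunk.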
diff --git a/tests/test_bcrypt.py b/tests/test_bcrypt.py
index d9bde72..fa9a410 100644
--- a/tests/test_bcrypt.py
+++ b/tests/test_bcrypt.py
@@ -308,6 +308,15 @@ def test_hashpw_nul_byte():
bcrypt.hashpw(b"abc\0def", salt)
+def test_checkpw_extra_data():
+ salt = bcrypt.gensalt(4)
+ hashed = bcrypt.hashpw(b"abc", salt)
+
+ assert bcrypt.checkpw(b"abc", hashed)
+ assert bcrypt.checkpw(b"abc", hashed + b"extra") is False
+ assert bcrypt.checkpw(b"abc", hashed[:-10]) is False
+
+
@pytest.mark.parametrize(
("rounds", "password", "salt", "expected"),
[[
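Review bot: `test_checkpw_extra_data` only cuts the tail of the digest (`hashed[:-10]`), so the salt prefix handed to `hashpw` is intact in every case it exercises. A case that truncates into the salt, for example `hashed[:20]`, and an empty `b""` would pin down whether `checkpw` returns False or raises for those inputs; the expected outcome depends on `hashpw`, which is not shown here. The test name also undersells it, since it covers truncated data as well as extra data.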