From: Rich Felker <dalias@aerifal.cx>
Date: Tue, 16 Feb 2016 22:38:07 +0000 (-0500)
Subject: in crypt-sha*, reject excessive rounds as error rather than clamping
X-Git-Tag: v1.1.14~11
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=cf115059ba0ecd611008c89c78c37b62f8e6d6af;p=oweals%2Fmusl.git

in crypt-sha*, reject excessive rounds as error rather than clamping

the reference implementation clamps rounds to [1000,999999999]. we
further limited rounds to at most 9999999 as a defense against extreme
run times, but wrongly clamped instead of treating out-of-bounds
values as an error, thereby producing implementation-specific hash
results. fixing this should not break anything since values of rounds
this high are not useful anyway.
---

diff --git a/src/crypt/crypt_sha256.c b/src/crypt/crypt_sha256.c
index d5f0b786..e885dc68 100644
--- a/src/crypt/crypt_sha256.c
+++ b/src/crypt/crypt_sha256.c
@@ -230,7 +230,7 @@ static char *sha256crypt(const char *key, const char *setting, char *output)
 		if (u < ROUNDS_MIN)
 			r = ROUNDS_MIN;
 		else if (u > ROUNDS_MAX)
-			r = ROUNDS_MAX;
+			return 0;
 		else
 			r = u;
 		/* needed when rounds is zero prefixed or out of bounds */
diff --git a/src/crypt/crypt_sha512.c b/src/crypt/crypt_sha512.c
index 1294e98b..39970caf 100644
--- a/src/crypt/crypt_sha512.c
+++ b/src/crypt/crypt_sha512.c
@@ -252,7 +252,7 @@ static char *sha512crypt(const char *key, const char *setting, char *output)
 		if (u < ROUNDS_MIN)
 			r = ROUNDS_MIN;
 		else if (u > ROUNDS_MAX)
-			r = ROUNDS_MAX;
+			return 0;
 		else
 			r = u;
 		/* needed when rounds is zero prefixed or out of bounds */