ITS#3169: fix safety checks to allow for varying salt lengths

Kurt Zeilenga 2004-06-02 20:20:02 +00:00
parent 248e73c7e1
commit 8b5c9a764c


@ -459,9 +459,8 @@ static int chk_ssha1(
int rc;
unsigned char *orig_pass = NULL;
/* safety check */
if (LUTIL_BASE64_DECODE_LEN(passwd->bv_len) <
sizeof(SHA1digest)+SALT_SIZE) {
/* safety check -- must have some salt */
if (LUTIL_BASE64_DECODE_LEN(passwd->bv_len) <= sizeof(SHA1digest)) {
return LUTIL_PASSWD_ERR;
}
@ -473,7 +472,8 @@ static int chk_ssha1(
rc = lutil_b64_pton(passwd->bv_val, orig_pass, passwd->bv_len);
if (rc < (int)(sizeof(SHA1digest)+SALT_SIZE)) {
/* safety check -- must have some salt */
if (rc <= (int)(sizeof(SHA1digest))) {
ber_memfree(orig_pass);
return LUTIL_PASSWD_ERR;
}
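Review bot: The post-decode test `if (rc <= (int)(sizeof(SHA1digest)))` in the second hunk also has to reject a failed decode, which works only because the `(int)` cast keeps the comparison signed (assuming lutil_b64_pton returns a negative value on error, as b64_pton-style decoders do); the comment above it mentions only the salt. I would word it as `/* safety check -- decode must succeed and leave at least one salt byte; the (int) cast keeps a negative rc rejected */`. With the SALT_SIZE floor gone, the salt length is whatever follows the digest, so the code that hashes the salt later in chk_ssha1 must take its length as `rc - sizeof(SHA1digest)`; that code lies outside both hunks and cannot be confirmed from here. The first check, in the `-459` hunk, works on LUTIL_BASE64_DECODE_LEN, which is presumably an upper bound on the decoded size, so it is only a pre-filter and its comment could say so.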