aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndreas Schneider <asn@cryptomilk.org>2015-05-04 16:39:51 +0200
committerAndreas Schneider <asn@cryptomilk.org>2015-05-04 17:54:01 +0200
commitcf05e653de569225775d6bf996ffefba9e8e6135 (patch)
tree49ad5783c213b0a08f4204b1fe9faf8e5ca59fc0
parent4b9916136dd8a5189856556fbdf21dc3b0f08a27 (diff)
downloadlibssh-cf05e653de569225775d6bf996ffefba9e8e6135.tar.gz
libssh-cf05e653de569225775d6bf996ffefba9e8e6135.tar.xz
libssh-cf05e653de569225775d6bf996ffefba9e8e6135.zip
external: Fix a possible buffer overrun in bcrypt_pbkdf
CID: #1250106 This fixes a 1 byte output overflow for large key length (not reachable in libssh). Pulled from OpenBSD BCrypt PBKDF implementation. Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
-rw-r--r--src/external/bcrypt_pbkdf.c12
1 files changed, 9 insertions, 3 deletions
diff --git a/src/external/bcrypt_pbkdf.c b/src/external/bcrypt_pbkdf.c
index 409265cb..27094744 100644
--- a/src/external/bcrypt_pbkdf.c
+++ b/src/external/bcrypt_pbkdf.c
@@ -112,6 +112,7 @@ bcrypt_pbkdf(const char *pass, size_t passlen, const uint8_t *salt, size_t saltl
uint8_t *countsalt;
size_t i, j, amt, stride;
uint32_t count;
+ size_t origkeylen = keylen;
SHA512CTX ctx;
/* nothing crazy */
@@ -161,9 +162,14 @@ bcrypt_pbkdf(const char *pass, size_t passlen, const uint8_t *salt, size_t saltl
* pbkdf2 deviation: ouput the key material non-linearly.
*/
amt = MIN(amt, keylen);
- for (i = 0; i < amt; i++)
- key[i * stride + (count - 1)] = out[i];
- keylen -= amt;
+ for (i = 0; i < amt; i++) {
+ size_t dest = i * stride + (count - 1);
+ if (dest >= origkeylen) {
+ break;
+ }
+ key[dest] = out[i];
+ }
+ keylen -= i;
}
/* zap */