Possible regression of "BSD wraparound" bug? #80
Comments
The check uses a

```c
switch ((minor = salt[1])) {
case 'a':
	key_len = (u_int8_t)(strlen(key) + 1);
	break;
case 'b':
	/* strlen() returns a size_t, but the function calls
	 * below result in implicit casts to a narrower integer
	 * type, so cap key_len at the actual maximum supported
	 * length here to avoid integer wraparound */
	key_len = strlen(key);
	if (key_len > 72)
		key_len = 72;
	key_len++; /* include the NUL */
	break;
/* remaining cases of the switch are not quoted in the comment */
}
```
I think maintaining compatibility for this is kind of bonkers, but in any case, prior to 3.0 we had the fix even for

@dstufft do you have an opinion on how we should fix this to have it behave the same as bcrypt 2.0.0? Could we take all input passwords and do

Truncating to 72 seems reasonable, since that's all the C code is going to do anyways in the correct case.
passlib implements a specific check against the "BSD wraparound" bug that now appears to be failing with bcrypt 3.0.

Although the included source from libcrypt appears to have been updated since the bug was fixed (OpenBSD 5.5, according to passlib), I'm not familiar enough with the code to be able to tell if this is a genuine regression or not.
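The two key_len computations quoted in this thread, modelled in Python so the wraparound and the proposed 72-byte truncation can be checked side by side. This is an added example, not code from pyca/bcrypt or passlib; `truncate_password` is a name chosen here for the mitigation the thread discusses.

```python
"""Model of the '$2a$' and '$2b$' key_len branches quoted in this issue.

key_len_2a mirrors the '$2a$' branch, where the u_int8_t cast reduces
strlen(key) + 1 modulo 256. key_len_2b mirrors the '$2b$' branch, which
caps the length at 72 before adding the NUL. truncate_password is the
mitigation proposed in the thread (cap input at 72 bytes before it
reaches the C code); the name is this example's own, not the project's.
"""

BCRYPT_MAX_KEY = 72  # bytes of key material the bcrypt key schedule consumes


def key_len_2a(password: bytes) -> int:
    # key_len = (u_int8_t)(strlen(key) + 1); the cast is a reduction mod 256
    return (len(password) + 1) & 0xFF


def key_len_2b(password: bytes) -> int:
    # key_len = strlen(key); if (key_len > 72) key_len = 72; key_len++;
    return min(len(password), BCRYPT_MAX_KEY) + 1


def key_bytes_consumed(key_len: int) -> int:
    # The key schedule cycles over the key, so at most 72 bytes matter;
    # a key_len that wrapped to a small value feeds it only that many bytes.
    return min(key_len, BCRYPT_MAX_KEY)


def affected_by_wraparound(password: bytes) -> bool:
    """True when the '$2a$' path feeds fewer key bytes than intended."""
    intended = key_bytes_consumed(len(password) + 1)
    return key_bytes_consumed(key_len_2a(password)) < intended


def truncate_password(password: bytes) -> bytes:
    """Proposed fix: truncate to 72 bytes before calling into C, which
    makes the '$2a$' and '$2b$' branches compute the same key_len."""
    return password[:BCRYPT_MAX_KEY]


if __name__ == "__main__":
    for n in (71, 72, 200, 255, 300):
        pw = b"a" * n  # constructed sample password of n bytes
        print(n, key_len_2a(pw), key_len_2b(pw), affected_by_wraparound(pw),
              key_len_2a(truncate_password(pw)))
```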