projects / musl / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
anti-DoS rounds count limits for blowfish and des crypt
[musl] / src / misc / crypt_des.c
diff --git a/src/misc/crypt_des.c b/src/misc/crypt_des.c
index 4454a13..d7b2b15 100644 (file)
--- a/src/misc/crypt_des.c
+++ b/src/misc/crypt_des.c
@@ -911,7 +911,7 @@ static char *_crypt_extended_r_uut(const char *_key, const char *_setting, char
                                return NULL;
                        count |= value << (i - 1) * 6;
                }
-               if (!count)
+               if (!count || count > 262143)
                        return NULL;
 
                for (i = 5, salt = 0; i < 9; i++) {
musl