diff options
author | kevlo <kevlo@FreeBSD.org> | 2012-02-22 01:23:14 +0000 |
---|---|---|
committer | kevlo <kevlo@FreeBSD.org> | 2012-02-22 01:23:14 +0000 |
commit | cf70964fbe0955aecb81afc9fa6cfe2b5a5b39f8 (patch) | |
tree | d52f23f35fb63b5f7f26ab9ecb6c5d7eeff4a007 | |
parent | 6989e381537a0cfd9262e0a253f91e25593439b2 (diff) | |
download | FreeBSD-src-cf70964fbe0955aecb81afc9fa6cfe2b5a5b39f8.zip FreeBSD-src-cf70964fbe0955aecb81afc9fa6cfe2b5a5b39f8.tar.gz |
Return NULL on error rather than ":", per the crypt(3) man page.
Discussed in: http://www.openwall.com/lists/oss-security/2011/11/15/3
-rw-r--r-- | secure/lib/libcrypt/crypt-blowfish.c | 11 |
1 files changed, 5 insertions, 6 deletions
diff --git a/secure/lib/libcrypt/crypt-blowfish.c b/secure/lib/libcrypt/crypt-blowfish.c index 649d07c..984a6d1 100644 --- a/secure/lib/libcrypt/crypt-blowfish.c +++ b/secure/lib/libcrypt/crypt-blowfish.c @@ -72,7 +72,6 @@ static void encode_base64(u_int8_t *, u_int8_t *, u_int16_t); static void decode_base64(u_int8_t *, u_int16_t, const u_int8_t *); static char encrypted[_PASSWORD_LEN]; -static char error[] = ":"; static const u_int8_t Base64Code[] = "./ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"; @@ -160,8 +159,8 @@ crypt_blowfish(const char *key, const char *salt) salt++; if (*salt > BCRYPT_VERSION) { - /* How do I handle errors ? Return ':' */ - return error; + /* How do I handle errors ? Return NULL */ + return NULL; } /* Check for minor versions */ @@ -173,7 +172,7 @@ crypt_blowfish(const char *key, const char *salt) salt++; break; default: - return error; + return NULL; } } else minr = 0; @@ -183,13 +182,13 @@ crypt_blowfish(const char *key, const char *salt) if (salt[2] != '$') /* Out of sync with passwd entry */ - return error; + return NULL; /* Computer power doesnt increase linear, 2^x should be fine */ logr = (u_int8_t)atoi(salt); rounds = 1 << logr; if (rounds < BCRYPT_MINROUNDS) - return error; + return NULL; /* Discard num rounds + "$" identifier */ salt += 3; |