diff options
| author | delphij <delphij@FreeBSD.org> | 2017-08-10 06:36:37 +0000 |
|---|---|---|
| committer | delphij <delphij@FreeBSD.org> | 2017-08-10 06:36:37 +0000 |
| commit | 74fc8942a90af0a3150be3420f9ad6815b98e6c2 (patch) | |
| tree | 732f2b05f1a67c596ef5ae6cb1b072ecb4b957cd | |
| parent | 6fabc98318b99002eb6e4ae34c0b574931e04910 (diff) | |
| download | FreeBSD-src-74fc8942a90af0a3150be3420f9ad6815b98e6c2.zip FreeBSD-src-74fc8942a90af0a3150be3420f9ad6815b98e6c2.tar.gz | |
Apply upstream fix:
Skip passwords longer than 1k in length so clients can't
easily DoS sshd by sending very long passwords, causing it to spend CPU
hashing them. feedback djm@, ok markus@.
Brought to our attention by tomas.kuthan at oracle.com, shilei-c at
360.cn and coredump at autistici.org
Security: CVE-2016-6515
Security: FreeBSD-SA-17:06.openssh
| -rw-r--r-- | crypto/openssh/auth-passwd.c | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/crypto/openssh/auth-passwd.c b/crypto/openssh/auth-passwd.c index 63ccf3c..f6825ec 100644 --- a/crypto/openssh/auth-passwd.c +++ b/crypto/openssh/auth-passwd.c @@ -66,6 +66,8 @@ extern login_cap_t *lc; #define DAY (24L * 60 * 60) /* 1 day in seconds */ #define TWO_WEEKS (2L * 7 * DAY) /* 2 weeks in seconds */ +#define MAX_PASSWORD_LEN 1024 + void disable_forwarding(void) { @@ -87,6 +89,9 @@ auth_password(Authctxt *authctxt, const char *password) static int expire_checked = 0; #endif + if (strlen(password) > MAX_PASSWORD_LEN) + return 0; + #ifndef HAVE_CYGWIN if (pw->pw_uid == 0 && options.permit_root_login != PERMIT_YES) ok = 0; |
