From cf70964fbe0955aecb81afc9fa6cfe2b5a5b39f8 Mon Sep 17 00:00:00 2001 From: kevlo Date: Wed, 22 Feb 2012 01:23:14 +0000 Subject: Return NULL on error rather than ":", per the crypt(3) man page. Discussed in: http://www.openwall.com/lists/oss-security/2011/11/15/3 --- secure/lib/libcrypt/crypt-blowfish.c | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) (limited to 'secure') diff --git a/secure/lib/libcrypt/crypt-blowfish.c b/secure/lib/libcrypt/crypt-blowfish.c index 649d07c..984a6d1 100644 --- a/secure/lib/libcrypt/crypt-blowfish.c +++ b/secure/lib/libcrypt/crypt-blowfish.c @@ -72,7 +72,6 @@ static void encode_base64(u_int8_t *, u_int8_t *, u_int16_t); static void decode_base64(u_int8_t *, u_int16_t, const u_int8_t *); static char encrypted[_PASSWORD_LEN]; -static char error[] = ":"; static const u_int8_t Base64Code[] = "./ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"; @@ -160,8 +159,8 @@ crypt_blowfish(const char *key, const char *salt) salt++; if (*salt > BCRYPT_VERSION) { - /* How do I handle errors ? Return ':' */ - return error; + /* How do I handle errors ? Return NULL */ + return NULL; } /* Check for minor versions */ @@ -173,7 +172,7 @@ crypt_blowfish(const char *key, const char *salt) salt++; break; default: - return error; + return NULL; } } else minr = 0; @@ -183,13 +182,13 @@ crypt_blowfish(const char *key, const char *salt) if (salt[2] != '$') /* Out of sync with passwd entry */ - return error; + return NULL; /* Computer power doesnt increase linear, 2^x should be fine */ logr = (u_int8_t)atoi(salt); rounds = 1 << logr; if (rounds < BCRYPT_MINROUNDS) - return error; + return NULL; /* Discard num rounds + "$" identifier */ salt += 3; -- cgit v1.1