Welcome to mirror list, hosted at ThFree Co, Russian Federation.

github.com/nginx/nginx.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/src/core/ngx_crypt.c
diff options
context:
space:
mode:
authorMaxim Dounin <mdounin@mdounin.ru>2012-08-16 16:05:58 +0400
committerMaxim Dounin <mdounin@mdounin.ru>2012-08-16 16:05:58 +0400
commit89bd5f038a570694763fd968ab471a91139b2f7f (patch)
tree165f88003c0af24d1f73647d0d60feeaee4cd473 /src/core/ngx_crypt.c
parent3587e2be23064ebec26c95ea26ff5080ee79a7ae (diff)
Crypt: fixed handling of corrupted SSHA entries in password file.
Found by Coverity.
Diffstat (limited to 'src/core/ngx_crypt.c')
-rw-r--r--src/core/ngx_crypt.c11
1 files changed, 9 insertions, 2 deletions
diff --git a/src/core/ngx_crypt.c b/src/core/ngx_crypt.c
index 365f9c82a..b2e25b901 100644
--- a/src/core/ngx_crypt.c
+++ b/src/core/ngx_crypt.c
@@ -194,6 +194,7 @@ static ngx_int_t
ngx_crypt_ssha(ngx_pool_t *pool, u_char *key, u_char *salt, u_char **encrypted)
{
size_t len;
+ ngx_int_t rc;
ngx_str_t encoded, decoded;
ngx_sha1_t sha1;
@@ -204,12 +205,18 @@ ngx_crypt_ssha(ngx_pool_t *pool, u_char *key, u_char *salt, u_char **encrypted)
encoded.data = salt + sizeof("{SSHA}") - 1;
encoded.len = ngx_strlen(encoded.data);
- decoded.data = ngx_pnalloc(pool, ngx_base64_decoded_length(encoded.len));
+ len = ngx_max(ngx_base64_decoded_length(encoded.len), 20);
+
+ decoded.data = ngx_pnalloc(pool, len);
if (decoded.data == NULL) {
return NGX_ERROR;
}
- ngx_decode_base64(&decoded, &encoded);
+ rc = ngx_decode_base64(&decoded, &encoded);
+
+ if (rc != NGX_OK || decoded.len < 20) {
+ decoded.len = 20;
+ }
/* update SHA1 from key and salt */
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-25 09:29:11 +0300