anti-DoS rounds count limits for blowfish and des crypt

all of the limits could use review, but err on the side of avoiding excessive rounds for now.
author: Rich Felker <dalias@aerifal.cx> 2012-08-29 12:56:12 -0400
committer: Rich Felker <dalias@aerifal.cx> 2012-08-29 12:56:12 -0400
commit: 13157b025e7e19f7ecc27ee93e69057b7fda9b37 (patch)
tree: e8fdf04dfc0e69d70cd55949ad7420b79da07bcc /src/misc/crypt_des.c
parent: 507b6091fa75903ff05c21a4470b7b7cc3061d0d (diff)
download: musl-13157b025e7e19f7ecc27ee93e69057b7fda9b37.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/src/misc/crypt_des.c b/src/misc/crypt_des.c
index 4454a130..d7b2b15a 100644
--- a/src/misc/crypt_des.c
+++ b/src/misc/crypt_des.c
@@ -911,7 +911,7 @@ static char *_crypt_extended_r_uut(const char *_key, const char *_setting, char
 				return NULL;
 			count |= value << (i - 1) * 6;
 		}
-		if (!count)
+		if (!count || count > 262143)
 			return NULL;
 
 		for (i = 5, salt = 0; i < 9; i++) {
author	Rich Felker <dalias@aerifal.cx>	2012-08-29 12:56:12 -0400
committer	Rich Felker <dalias@aerifal.cx>	2012-08-29 12:56:12 -0400
commit	13157b025e7e19f7ecc27ee93e69057b7fda9b37 (patch)
tree	e8fdf04dfc0e69d70cd55949ad7420b79da07bcc /src/misc/crypt_des.c
parent	507b6091fa75903ff05c21a4470b7b7cc3061d0d (diff)
download	musl-13157b025e7e19f7ecc27ee93e69057b7fda9b37.tar.gz