Klaus Demo nginx / 89bd5f0
Crypt: fixed handling of corrupted SSHA entries in password file. Found by Coverity. Maxim Dounin 10 years ago
1 changed file(s) with 9 addition(s) and 2 deletion(s). Raw diff Collapse all Expand all
193193 ngx_crypt_ssha(ngx_pool_t *pool, u_char *key, u_char *salt, u_char **encrypted)
194194 {
195195 size_t len;
196 ngx_int_t rc;
196197 ngx_str_t encoded, decoded;
197198 ngx_sha1_t sha1;
198199
203204 encoded.data = salt + sizeof("{SSHA}") - 1;
204205 encoded.len = ngx_strlen(encoded.data);
205206
206 decoded.data = ngx_pnalloc(pool, ngx_base64_decoded_length(encoded.len));
207 len = ngx_max(ngx_base64_decoded_length(encoded.len), 20);
208
209 decoded.data = ngx_pnalloc(pool, len);
207210 if (decoded.data == NULL) {
208211 return NGX_ERROR;
209212 }
210213
211 ngx_decode_base64(&decoded, &encoded);
214 rc = ngx_decode_base64(&decoded, &encoded);
215
216 if (rc != NGX_OK || decoded.len < 20) {
217 decoded.len = 20;
218 }
212219
213220 /* update SHA1 from key and salt */
214221