Crypt: fixed handling of corrupted SSHA entries in password file.
Found by Coverity.
Maxim Dounin
10 years ago
| 193 | 193 | ngx_crypt_ssha(ngx_pool_t *pool, u_char *key, u_char *salt, u_char **encrypted) |
| 194 | 194 | { |
| 195 | 195 | size_t len; |
| 196 | ngx_int_t rc; | |
| 196 | 197 | ngx_str_t encoded, decoded; |
| 197 | 198 | ngx_sha1_t sha1; |
| 198 | 199 | |
| 203 | 204 | encoded.data = salt + sizeof("{SSHA}") - 1; |
| 204 | 205 | encoded.len = ngx_strlen(encoded.data); |
| 205 | 206 | |
| 206 | decoded.data = ngx_pnalloc(pool, ngx_base64_decoded_length(encoded.len)); | |
| 207 | len = ngx_max(ngx_base64_decoded_length(encoded.len), 20); | |
| 208 | ||
| 209 | decoded.data = ngx_pnalloc(pool, len); | |
| 207 | 210 | if (decoded.data == NULL) { |
| 208 | 211 | return NGX_ERROR; |
| 209 | 212 | } |
| 210 | 213 | |
| 211 | ngx_decode_base64(&decoded, &encoded); | |
| 214 | rc = ngx_decode_base64(&decoded, &encoded); | |
| 215 | ||
| 216 | if (rc != NGX_OK || decoded.len < 20) { | |
| 217 | decoded.len = 20; | |
| 218 | } | |
| 212 | 219 | |
| 213 | 220 | /* update SHA1 from key and salt */ |
| 214 | 221 | |