kevin/libsodium
1
Fork 0
mirror of https://github.com/jedisct1/libsodium.git synced 2024-12-19 18:15:18 -07:00
Code Releases Wiki Activity

Argon2: check that m_cost/t_cost/lanes decode to uint32

Browse Source
This commit is contained in:
Frank Denis 2016-09-18 09:33:35 +02:00
parent ed19556c2f
commit 26e8b0253f
1 changed files with 16 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
src/libsodium/crypto_pwhash/argon2/argon2-encoding.c
View File

@ -293,6 +293,7 @@ int decode_string(argon2_context *ctx, const char *str, argon2_type type) {
size_t maxadlen = ctx->adlen;
size_t maxsaltlen = ctx->saltlen;
size_t maxoutlen = ctx->outlen;
unsigned long val;
unsigned long version = 0;
int validation_result;
@ -310,11 +311,23 @@ int decode_string(argon2_context *ctx, const char *str, argon2_type type) {
return ARGON2_INCORRECT_TYPE;
}
CC("$m=");
DECIMAL(ctx->m_cost);
DECIMAL(val);
if (val > UINT32_MAX) {
return ARGON2_INCORRECT_TYPE;
}
ctx->m_cost = (uint32_t) val;
CC(",t=");
DECIMAL(ctx->t_cost);
DECIMAL(val);
if (val > UINT32_MAX) {
return ARGON2_INCORRECT_TYPE;
}
ctx->t_cost = (uint32_t) val;
CC(",p=");
DECIMAL(ctx->lanes);
DECIMAL(val);
if (val > UINT32_MAX) {
return ARGON2_INCORRECT_TYPE;
}
ctx->lanes = (uint32_t) val;
ctx->threads = ctx->lanes;
CC_opt(",data=", BIN(ctx->ad, maxadlen, ctx->adlen));