Ensure that PBKDF2_SHA256() is not used to output more than 128 Go.

2015-06-06 12:46:22 +02:00 · 2015-06-06 12:46:22 +02:00 · f46439c1e2
commit f46439c1e2
parent 86d92bc11d
1 changed files with 3 additions and 0 deletions
--- a/src/libsodium/crypto_pwhash/scryptsalsa208sha256/pbkdf2-sha256.c
+++ b/src/libsodium/crypto_pwhash/scryptsalsa208sha256/pbkdf2-sha256.c
@ -53,6 +53,9 @@ PBKDF2_SHA256(const uint8_t * passwd, size_t passwdlen, const uint8_t * salt,
    int             k;
    size_t          clen;

+    if (dkLen > 0x1fffffffe0UL) {
+        abort();
+    }
    crypto_auth_hmacsha256_init(&PShctx, passwd, passwdlen);
    crypto_auth_hmacsha256_update(&PShctx, salt, saltlen);