libmisc: fix default value in SHA_get_salt_rounds()

If SHA_CRYPT_MIN_ROUNDS and SHA_CRYPT_MAX_ROUNDS are both unspecified,
use SHA_ROUNDS_DEFAULT.

Previously, the code fell through, calling shadow_random(-1, -1). This
ultimately set rounds = (unsigned long) -1, which ends up being a very
large number! This then got capped to SHA_ROUNDS_MAX later in the
function.

The new behavior matches BCRYPT_get_salt_rounds().

Bug: https://bugs.gentoo.org/808195
Fixes: https://github.com/shadow-maint/shadow/issues/393

diff --git a/libmisc/salt.c b/libmisc/salt.c
index 91d528fda5b4e2150acaa962156a75c5ebbf6ee9..30eefb9c1ef36e165e1b0b1c9f7d97e4d9ca5a0e 100644 (file)
--- a/libmisc/salt.c
+++ b/libmisc/salt.c
@@ -223,20 +223,21 @@ static /*@observer@*/const unsigned long SHA_get_salt_rounds (/*@null@*/int *pre
                if ((-1 == min_rounds) && (-1 == max_rounds)) {
                        rounds = SHA_ROUNDS_DEFAULT;
                }
+               else {
+                       if (-1 == min_rounds) {
+                               min_rounds = max_rounds;
+                       }
 
-               if (-1 == min_rounds) {
-                       min_rounds = max_rounds;
-               }
+                       if (-1 == max_rounds) {
+                               max_rounds = min_rounds;
+                       }
 
-               if (-1 == max_rounds) {
-                       max_rounds = min_rounds;
-               }
+                       if (min_rounds > max_rounds) {
+                               max_rounds = min_rounds;
+                       }
 
-               if (min_rounds > max_rounds) {
-                       max_rounds = min_rounds;
+                       rounds = (unsigned long) shadow_random (min_rounds, max_rounds);
                }
-
-               rounds = (unsigned long) shadow_random (min_rounds, max_rounds);
        } else if (0 == *prefered_rounds) {
                rounds = SHA_ROUNDS_DEFAULT;
        } else {