From d68f86558e94a630edb5fda029c9564650bfd2a6 Mon Sep 17 00:00:00 2001
From: Stephan Bosch <stephan.bosch@open-xchange.com>
Date: Thu, 23 Oct 2025 19:50:43 +0200
Subject: [PATCH] lib-auth: auth-scram-client - Reduce maximum hash iterations
 in fuzzer to prevent timeout

OSS-Fuzz report: 454444201
---
 src/lib-auth/auth-scram-client.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/src/lib-auth/auth-scram-client.c b/src/lib-auth/auth-scram-client.c
index 6652b43f71..8ba4d03666 100644
--- a/src/lib-auth/auth-scram-client.c
+++ b/src/lib-auth/auth-scram-client.c
@@ -18,7 +18,11 @@
 /* c-nonce length */
 #define SCRAM_CLIENT_NONCE_LEN 64
 /* Max iteration count accepted by the client */
-#define SCRAM_MAX_ITERATE_COUNT (128 * 4096)
+#ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
+#  define SCRAM_MAX_ITERATE_COUNT (128 * 4096)
+#else
+#  define SCRAM_MAX_ITERATE_COUNT (2 * 4096)
+#endif
 
 void auth_scram_client_init(struct auth_scram_client *client_r, pool_t pool,
 			    const struct auth_scram_client_settings *set)
-- 
2.47.3