lib-auth: auth-scram-client - Reduce maximum hash iterations in fuzzer to prevent...

author Stephan Bosch <stephan.bosch@open-xchange.com>

Thu, 23 Oct 2025 17:50:43 +0000 (19:50 +0200)

committer timo.sirainen <timo.sirainen@open-xchange.com>

Fri, 24 Oct 2025 17:23:38 +0000 (17:23 +0000)
author Stephan Bosch <stephan.bosch@open-xchange.com>
Thu, 23 Oct 2025 17:50:43 +0000 (19:50 +0200)
committer timo.sirainen <timo.sirainen@open-xchange.com>
Fri, 24 Oct 2025 17:23:38 +0000 (17:23 +0000)
diff --git a/src/lib-auth/auth-scram-client.c b/src/lib-auth/auth-scram-client.c

index 6652b43f71238e4cfdc6fe0768500ebaaf43d9aa..8ba4d03666d483ec7174b2c0766d690cd45776c9 100644 (file)
--- a/src/lib-auth/auth-scram-client.c
+++ b/src/lib-auth/auth-scram-client.c
@@ -18,7 +18,11 @@
  /* c-nonce length */
  #define SCRAM_CLIENT_NONCE_LEN 64
  /* Max iteration count accepted by the client */
-#define SCRAM_MAX_ITERATE_COUNT (128 * 4096)
+#ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
+#  define SCRAM_MAX_ITERATE_COUNT (128 * 4096)
+#else
+#  define SCRAM_MAX_ITERATE_COUNT (2 * 4096)
+#endif
  
  void auth_scram_client_init(struct auth_scram_client *client_r, pool_t pool,
                             const struct auth_scram_client_settings *set)
author	Stephan Bosch <stephan.bosch@open-xchange.com>
	Thu, 23 Oct 2025 17:50:43 +0000 (19:50 +0200)
committer	timo.sirainen <timo.sirainen@open-xchange.com>
	Fri, 24 Oct 2025 17:23:38 +0000 (17:23 +0000)