From: Vsevolod Stakhov <vsevolod@highsecure.ru>
Date: Thu, 24 Sep 2015 17:33:48 +0000 (+0100)
Subject: Add encrypted length guard.
X-Git-Tag: 1.0.3~26
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=28e68fc82c74e50e67ebaeb7bd1caead7d1b48fc;p=thirdparty%2Frspamd.git

Add encrypted length guard.
---

diff --git a/src/rspamadm/pw.c b/src/rspamadm/pw.c
index c2a5ca690a..df1ca2db70 100644
--- a/src/rspamadm/pw.c
+++ b/src/rspamadm/pw.c
@@ -178,6 +178,12 @@ rspamadm_pw_check (void)
 	pbkdf = &pbkdf_list[0];
 	g_assert (pbkdf != NULL);
 
+	if (encrypted_pwd->len < pbkdf->salt_len + pbkdf->key_len + 3) {
+		msg_err ("incorrect salt: password length: %d, must be at least %z characters",
+				encrypted_pwd->len, pbkdf->salt_len);
+		exit (EXIT_FAILURE);
+	}
+
 	/* get salt */
 	salt = rspamd_encrypted_password_get_str (encrypted_pwd->str, 3, &salt_len);
 	/* get hash */