shadow/libmisc
Mike Gilbert 234e8fa7b1 libmisc: fix default value in SHA_get_salt_rounds()
If SHA_CRYPT_MIN_ROUNDS and SHA_CRYPT_MAX_ROUNDS are both unspecified,
use SHA_ROUNDS_DEFAULT.

Previously, the code fell through, calling shadow_random(-1, -1). This
ultimately set rounds = (unsigned long) -1, which ends up being a very
large number! This then got capped to SHA_ROUNDS_MAX later in the
function.

The new behavior matches BCRYPT_get_salt_rounds().

Bug: https://bugs.gentoo.org/808195
Fixes: https://github.com/shadow-maint/shadow/issues/393
2021-08-14 13:43:26 -04:00
..
.indent.pro
addgrps.c Fix covscan RESOURCE_LEAK 2021-06-24 09:18:35 +02:00
age.c
audit_help.c libsubid: don't print error messages on stderr by default 2021-05-15 12:38:55 -05:00
basename.c Miscellaneous: 2011-09-18 21:02:43 +00:00
btrfs.c silence compiler warnings 2020-01-12 07:31:26 -06:00
chkname.c chkname.c, pwck.c, useradd.c, usermod.c, newusers.c: Allow names that do not conform to standards 2019-10-04 18:40:41 -05:00
chkname.h
chowndir.c * libmisc/chowndir.c: Add splint annotations. 2011-08-14 14:00:14 +00:00
chowntty.c Fix covscan RESOURCE_LEAK 2021-06-24 09:18:35 +02:00
cleanup_group.c libsubid: don't print error messages on stderr by default 2021-05-15 12:38:55 -05:00
cleanup_user.c libsubid: don't print error messages on stderr by default 2021-05-15 12:38:55 -05:00
cleanup.c * lib/prototypes.h, libmisc/cleanup.c, lib/spawn.c, src/chage.c: 2011-10-18 20:23:33 +00:00
console.c Fix some issues found in Coverity scan. 2018-10-10 12:22:04 +02:00
copydir.c Fix covscan RESOURCE_LEAK 2021-06-24 09:18:35 +02:00
entry.c
env.c libsubid: don't print error messages on stderr by default 2021-05-15 12:38:55 -05:00
failure.c Fix covscan BUFFER_SIZE 2021-06-16 09:50:53 +02:00
failure.h spelling: cumulative 2017-10-22 18:33:13 +00:00
find_new_gid.c libsubid: don't print error messages on stderr by default 2021-05-15 12:38:55 -05:00
find_new_sub_gids.c libsubid: don't print error messages on stderr by default 2021-05-15 12:38:55 -05:00
find_new_sub_uids.c libsubid: don't print error messages on stderr by default 2021-05-15 12:38:55 -05:00
find_new_uid.c libsubid: don't print error messages on stderr by default 2021-05-15 12:38:55 -05:00
getdate.h * libmisc/limits.c: Avoid implicit conversion of integer to 2010-08-22 19:13:53 +00:00
getdate.y spelling: gratuitously 2017-10-22 19:17:02 +00:00
getgr_nam_gid.c * lib/prototypes.h, libmisc/getgr_nam_gid.c: getgr_nam_gid() 2011-08-14 13:16:26 +00:00
getrange.c
gettime.c libsubid: don't print error messages on stderr by default 2021-05-15 12:38:55 -05:00
hushed.c * libmisc/limits.c: Avoid implicit conversion of integer to 2010-08-22 19:13:53 +00:00
idmapping.c Fix covscan RESOURCE_LEAK 2021-06-24 09:18:35 +02:00
idmapping.h subids: support nsswitch 2021-04-16 21:02:37 -05:00
isexpired.c * libmisc/isexpired.c: Added parenthesis. 2011-06-16 21:25:36 +00:00
limits.c libsubid: don't print error messages on stderr by default 2021-05-15 12:38:55 -05:00
list.c libmisc: don't free members variable 2021-07-14 12:13:25 +02:00
log.c Fix covscan BUFFER_SIZE 2021-06-16 09:50:53 +02:00
loginprompt.c * libmisc/salt.c (SHA_salt_rounds): It is statically ensured that 2011-09-18 20:41:38 +00:00
mail.c
Makefile.am Fix out of tree builds with respect to libsubid includes 2021-07-23 17:51:13 -05:00
motd.c * libmisc/console.c, libmisc/motd.c, libmisc/setupenv.c, 2010-08-21 15:32:53 +00:00
myname.c Fix covscan RESOURCE_LEAK 2021-06-24 09:18:35 +02:00
obscure.c Add yescrypt support 2021-02-01 22:11:10 +01:00
pam_pass_non_interactive.c libsubid: don't print error messages on stderr by default 2021-05-15 12:38:55 -05:00
pam_pass.c libsubid: don't print error messages on stderr by default 2021-05-15 12:38:55 -05:00
prefix_flag.c usermod, newusers, prefix: enforce absolute paths for homedir 2021-06-01 22:12:24 -05:00
pwd2spwd.c Make the sp_lstchg shadow field reproducible (re. #71) 2019-03-31 16:00:01 +01:00
pwd_init.c
pwdcheck.c libsubid: don't print error messages on stderr by default 2021-05-15 12:38:55 -05:00
remove_tree.c Integrate review comments from Julien Cristau 2010-09-05 15:34:42 +00:00
rlogin.c
root_flag.c libsubid: don't print error messages on stderr by default 2021-05-15 12:38:55 -05:00
salt.c libmisc: fix default value in SHA_get_salt_rounds() 2021-08-14 13:43:26 -04:00
setugid.c Updated copyrights. 2010-08-22 13:04:54 +00:00
setupenv.c libsubid: don't print error messages on stderr by default 2021-05-15 12:38:55 -05:00
shell.c * libmisc/limits.c: Avoid implicit conversion of integer to 2010-08-22 19:13:53 +00:00
strtoday.c spelling: cumulative 2017-10-22 18:33:13 +00:00
sub.c Fix typo in comment. 2013-08-04 15:56:32 +02:00
sulog.c Updated copyrights. 2010-08-22 13:04:54 +00:00
ttytype.c * libmisc/limits.c: Avoid implicit conversion of integer to 2010-08-22 19:13:53 +00:00
tz.c Updated copyrights. 2010-08-22 13:04:54 +00:00
ulimit.c
user_busy.c Fix covscan RESOURCE_LEAK 2021-06-24 09:18:35 +02:00
utmp.c Fix covscan BUFFER_SIZE 2021-06-16 09:50:53 +02:00
valid.c crypt() in glibc/eglibc 2.17 now fails if passed 2013-07-28 18:41:11 +02:00
xgetgrgid.c
xgetgrnam.c
xgetpwnam.c
xgetpwuid.c
xgetspnam.c
xgetXXbyYY.c libsubid: don't print error messages on stderr by default 2021-05-15 12:38:55 -05:00
xmalloc.c libsubid: don't print error messages on stderr by default 2021-05-15 12:38:55 -05:00
yesno.c