[git commit] libbb/yescrypt: code shrink in salt decoding
Denys Vlasenko
vda.linux at googlemail.com
Sun Jul 6 01:59:59 UTC 2025
commit: https://git.busybox.net/busybox/commit/?id=85d3c48217bcbbe670aa466705fee703b95cbc36
branch: https://git.busybox.net/busybox/commit/?id=refs/heads/master
function old new delta
yescrypt_r 1311 1288 -23
Signed-off-by: Denys Vlasenko <vda.linux at googlemail.com>
---
libbb/yescrypt/alg-yescrypt-common.c | 26 +++++++++++---------------
1 file changed, 11 insertions(+), 15 deletions(-)
diff --git a/libbb/yescrypt/alg-yescrypt-common.c b/libbb/yescrypt/alg-yescrypt-common.c
index 65c92f22f..8d75fa051 100644
--- a/libbb/yescrypt/alg-yescrypt-common.c
+++ b/libbb/yescrypt/alg-yescrypt-common.c
@@ -233,33 +233,29 @@ uint8_t *yescrypt_r(
}
if (!src)
return NULL;
- if (*src++ != '$')
+ if (*src != '$')
return NULL;
- prefixlen = src - setting;
-
- saltstr = src;
- src = (uint8_t *)strrchr((char *)saltstr, '$');
- if (src)
- saltstrlen = src - saltstr;
- else
- saltstrlen = strlen((char *)saltstr);
+ saltstr = src + 1;
+ src = (uint8_t *)strchrnul((char *)saltstr, '$');
+ prefixlen = src - setting; /* len("$y$<params>$<salt>") */
+ saltstrlen = src - saltstr; /* len("<salt>") */
+ /* src points to end of salt ('$' or NUL byte), won't be used past this point */
saltlen = sizeof(saltbin);
saltend = decode64(saltbin, &saltlen, saltstr, saltstrlen);
+ if (saltend != saltstr + saltstrlen)
+ goto fail; /* saltbin[] is too small, or bad char during decode */
- if (!saltend || (size_t)(saltend - saltstr) != saltstrlen)
- goto fail;
-
- need = prefixlen + saltstrlen + 1 + HASH_LEN + 1;
- if (need > buflen || need < saltstrlen)
+ need = prefixlen + 1 + HASH_LEN + 1;
+ if (need > buflen || need < prefixlen)
goto fail;
if (yescrypt_kdf(local, passwd, passwdlen, saltbin, saltlen,
¶ms, hashbin, sizeof(hashbin)))
goto fail;
- dst = mempcpy(buf, setting, prefixlen + saltstrlen);
+ dst = mempcpy(buf, setting, prefixlen);
*dst++ = '$';
dst = encode64(dst, buflen - (dst - buf), hashbin, sizeof(hashbin));
explicit_bzero(hashbin, sizeof(hashbin));
More information about the busybox-cvs
mailing list