[git commit] libbb.h: increase MAX_PW_SALT_LEN

Denys Vlasenko vda.linux at googlemail.com
Thu Jul 17 15:34:14 UTC 2025 

commit: https://git.busybox.net/busybox/commit/?id=dde90f1d4746a2efef20fc227cd38bbcb58d546c
branch: https://git.busybox.net/busybox/commit/?id=refs/heads/master

Signed-off-by: Denys Vlasenko <vda.linux at googlemail.com>
---
 include/libbb.h      | 12 ++++++------
 loginutils/cryptpw.c |  3 +--
 2 files changed, 7 insertions(+), 8 deletions(-)

diff --git a/include/libbb.h b/include/libbb.h
index 79427fb31..4f44680aa 100644
--- a/include/libbb.h
+++ b/include/libbb.h
@@ -1825,14 +1825,14 @@ extern int obscure(const char *old, const char *newval, const struct passwd *pwd
 extern int crypt_make_rand64encoded(char *p, int cnt /*, int rnd*/) FAST_FUNC;
 /* Size of char salt[] to hold randomly-generated salt string
  * sha256/512:
- * "$5$<sha_salt_16_chars><NUL>"
- * "$6$<sha_salt_16_chars><NUL>"
- * #define MAX_PW_SALT_LEN (3 + 16 + 1)
+ * "$5$" ["rounds=999999999$"] "<sha_salt_16_chars><NUL>"
+ * "$6$" ["rounds=999999999$"] "<sha_salt_16_chars><NUL>"
+ * #define MAX_PW_SALT_LEN (3 + sizeof("rounds=999999999$")-1 + 16 + 1)
  * yescrypt:
- * "$y$" <up to 8 params of up to 6 chars each> "$" <up to 84 chars salt><NUL>
- * (84 chars are ascii64-encoded 64 binary bytes)
+ * "$y$" <up to 8 params of up to 6 chars each> "$" <up to 86 chars salt><NUL>
+ * (86 chars are ascii64-encoded 64 binary bytes)
  */
-#define MAX_PW_SALT_LEN (3 + 8*6 + 1 + 84 + 1)
+#define MAX_PW_SALT_LEN (3 + 8*6 + 1 + 86 + 1)
 extern char* crypt_make_pw_salt(char p[MAX_PW_SALT_LEN], const char *algo) FAST_FUNC;
 
 /* Returns number of lines changed, or -1 on error */
diff --git a/loginutils/cryptpw.c b/loginutils/cryptpw.c
index 1c338540f..c0f6280cd 100644
--- a/loginutils/cryptpw.c
+++ b/loginutils/cryptpw.c
@@ -84,8 +84,7 @@ to cryptpw. -a option (alias for -m) came from cryptpw.
 int cryptpw_main(int argc, char **argv) MAIN_EXTERNALLY_VISIBLE;
 int cryptpw_main(int argc UNUSED_PARAM, char **argv)
 {
-	/* Supports: cryptpw -m sha256 PASS 'rounds=999999999$SALT' */
-	char salt[MAX_PW_SALT_LEN + sizeof("rounds=999999999$")];
+	char salt[MAX_PW_SALT_LEN];
 	char *salt_ptr;
 	char *password;
 	const char *opt_m, *opt_S;

More information about the busybox-cvs mailing list