diff options
Diffstat (limited to 'common')
| -rw-r--r-- | common/passwd.c | 24 |
1 files changed, 12 insertions, 12 deletions
diff --git a/common/passwd.c b/common/passwd.c index c3971f4..9e7dacb 100644 --- a/common/passwd.c +++ b/common/passwd.c @@ -460,7 +460,6 @@ char *eurephia_pwd_crypt(eurephiaCTX *ctx, const char *key, const char *salt) { char *buffer = NULL, *result = NULL; int buflen = (MAX_SALT_LEN + 20 + 1 + 86 + 1); char saltinfo[20], saltstr[MAX_SALT_LEN+22]; // saltstr will also contain saltinfo - int saltlen = 0; static size_t maxrounds = 0; static int srand_init = 0; @@ -482,18 +481,18 @@ char *eurephia_pwd_crypt(eurephiaCTX *ctx, const char *key, const char *salt) { if( salt == NULL ) { // If we do not have salt, create salt info - char tmp[saltlen+2]; - memset(&saltstr, 0, MAX_SALT_LEN+22); - memset(&tmp, 0, saltlen+2); - int minrounds = 0, rounds = ROUNDS_DEFAULT_MAX, loop = 0; + char *tmp = NULL; + int minrounds = 0, rounds = ROUNDS_DEFAULT_MAX, loop = 0, saltlen = 0; + // Get current salt length + saltlen = defaultIntValue(atoi_nullsafe(eGet_value(ctx->dbc->config, + "passwordhash_salt_length")), + DEFAULT_SALT_LEN); - if( saltlen == 0 ) { - // Get current salt length - saltlen = defaultIntValue(atoi_nullsafe(eGet_value(ctx->dbc->config, - "passwordhash_salt_length")), - DEFAULT_SALT_LEN); - } + tmp = malloc_nullsafe(ctx, saltlen+2); + assert(tmp != NULL); + memset(tmp, 0, saltlen+2); + memset(&saltstr, 0, MAX_SALT_LEN+22); // Get default min rounds for hashing minrounds = defaultIntValue(atoi_nullsafe(eGet_value(ctx->dbc->config, "passwordhash_rounds_min")), @@ -521,7 +520,8 @@ char *eurephia_pwd_crypt(eurephiaCTX *ctx, const char *key, const char *salt) { pack_saltinfo(saltinfo, 18, rounds, saltlen, key); strncpy(saltstr, saltinfo, strlen(saltinfo)); strncat(saltstr, tmp, saltlen - strlen(saltinfo)); - memset(&tmp, 0, saltlen+2); + memset(tmp, 0, saltlen+2); + free_nullsafe(ctx, tmp); } else { // If we have a salt, use it snprintf(saltstr, MAX_SALT_LEN+20, "%s%c", salt, 0); |