diff --git a/src/fbmath.c b/src/fbmath.c
index 59a6b665..c6b4d553 100644
--- a/src/fbmath.c
+++ b/src/fbmath.c
@@ -584,26 +584,6 @@ rnd(void *buffer)
 *
 *********************************************************************/
-#ifdef USE_SSL
-static void
-PBKDF2_HMAC_SHA_512(const char* pass, const unsigned char* salt,
- int32_t iterations, uint32_t outputBytes,
- char* hexResult)
-{
- unsigned int i;
- unsigned char* digest;
-
- digest = (unsigned char*)malloc(outputBytes);
-
- PKCS5_PBKDF2_HMAC(pass, strlen(pass), salt, strlen(salt), iterations,
- EVP_sha512(), outputBytes, digest);
- for (i = 0; i < outputBytes; i++)
- sprintf(hexResult + (i * 2), "%02x", 255 & digest[i]);
-
- free(digest);
-}
-#endif
-
 /**
 * Generate a PBKDF2 password hash with the given password and salt.
 *
@@ -672,7 +652,12 @@ pbkdf2_hash(const char* password, int password_len, const char* salt,
 PKCS5_PBKDF2_HMAC(password, password_len, salt, salt_len, 1000, EVP_sha512(), digest_len, digest);
- for (i = 0; i < digest_len; i++) {
+ /*
+ * The -1 here should avoid a buffer overflow as otherwise this will
+ * get to be exactly the same size as buffer with no room for the
+ * null.
+ */
+ for (i = 0; i < (digest_len - 1); i++) {
 sprintf(buffer + salt_len + 4 + (i * 2), "%02x", 255 & digest[i]);
 }
diff --git a/src/player.c b/src/player.c
index e8ef978f..8e65c474 100644
--- a/src/player.c
+++ b/src/player.c
@@ -123,7 +123,17 @@ check_password(dbref player, const char *password)
 }
 }
- if (!strcmp(pword, processed))
+ /*
+ * There was a bug where the password hash was causing a buffer
+ * overflow. Some compilers apparently cover this up or smooth
+ * this over in some fashion which means it is an inconsistent
+ * overflow.
+ *
+ * By matching by the length of 'processed', we'll be able to
+ * support any old "too long" hashes that may have slipped into
+ * the system.
+ */
+ if (!strncmp(pword, processed, strlen(processed)))
 return 1;
 return 0;
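Review bot: The new bound `i < (digest_len - 1)` in pbkdf2_hash avoids the overrun by leaving the last digest byte out of the stored hash rather than giving `buffer` room for the terminator. Each `sprintf(..., "%02x", ...)` writes two hex characters plus a NUL, so the full encoding needs `salt_len + 4 + digest_len * 2 + 1` bytes. The buffer's declaration is outside this hunk, but sizing it that way and keeping `i < digest_len` would preserve the whole digest and the existing hash format, so check_password would not need a relaxed comparison. If `digest_len` is an unsigned type (not visible here), `digest_len - 1` wraps when it is zero and the loop reads and writes far out of bounds. A guard such as `if (digest_len == 0) return;` or a signed comparison would be needed if the shortened bound stays.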
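Review bot: `strncmp(pword, processed, strlen(processed))` in check_password makes authentication a prefix match whose length is taken from the computed value. If `processed` can ever be an empty string (how it is filled is above this hunk), the comparison covers zero bytes and any password is accepted. It also accepts a stored value with any amount of trailing data, not only the slightly longer legacy hashes the comment describes. I would require a non-empty `processed` and bound the tolerated difference, e.g. `size_t n = strlen(processed), m = strlen(pword);` followed by `if (n > 0 && m >= n && m - n <= 2 && !strncmp(pword, processed, n)) return 1;`. The `2` assumes the legacy hashes are longer by exactly the one dropped digest byte. Re-hashing a legacy entry after a successful login would let the prefix match be removed later.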