File openssh-6.6p1-limit_password_length.patch of Package openssh-askpass-gnome.9942

Overview Repositories Revisions Requests Users Attributes Meta

File openssh-6.6p1-limit_password_length.patch of Package openssh-askpass-gnome.9942

# HG changeset patch
# Parent  cbddbfd160a3498f979c90d43bbbd979ce5b1bff
Limit accepted passwords length to prevent DoS by resource consumption
(via crypt() eating CPU cycles).

CVE-2016-6515
bsc#992533

upstream commit: fcd135c9df440bcd2d5870405ad3311743d78d97

diff --git a/openssh-6.6p1/auth-passwd.c b/openssh-6.6p1/auth-passwd.c
--- a/openssh-6.6p1/auth-passwd.c
+++ b/openssh-6.6p1/auth-passwd.c
@@ -60,16 +60,18 @@ extern ServerOptions options;
 #ifdef HAVE_LOGIN_CAP
 extern login_cap_t *lc;
 #endif
 
 
 #define DAY		(24L * 60 * 60) /* 1 day in seconds */
 #define TWO_WEEKS	(2L * 7 * DAY)	/* 2 weeks in seconds */
 
+#define MAX_PASSWORD_LEN	1024
+
 void
 disable_forwarding(void)
 {
 	no_port_forwarding_flag = 1;
 	no_agent_forwarding_flag = 1;
 	no_x11_forwarding_flag = 1;
 }
 
@@ -81,16 +83,19 @@ int
 auth_password(Authctxt *authctxt, const char *password)
 {
 	struct passwd * pw = authctxt->pw;
 	int result, ok = authctxt->valid;
 #if defined(USE_SHADOW) && defined(HAS_SHADOW_EXPIRE)
 	static int expire_checked = 0;
 #endif
 
+	if (strlen(password) > MAX_PASSWORD_LEN)
+		return 0;
+
 #ifndef HAVE_CYGWIN
 	if (pw->pw_uid == 0 && options.permit_root_login != PERMIT_YES)
 		ok = 0;
 #endif
 	if (*password == '\0' && options.permit_empty_passwd == 0)
 		return 0;
 
 #ifdef KRB5

Places

File openssh-6.6p1-limit_password_length.patch of Package openssh-askpass-gnome.9942

Places