On Fri, 24 Jan 2025 at 19:06, Alvaro Herrera <alvhe...@alvh.no-ip.org> wrote:
> On 2025-Jan-24, Bernd Helmle wrote:
>
>> So we behave exactly the same way as px_crypt_md5(): It stops after the
>> first '$' after the magic byte preamble. For shacrypt, this could be
>> the next '$' after the closing one of the non-mandatory 'rounds'
>> option, but with your example this doesn't happen since it never gets
>> parsed. The salt length will be set to 0.
>
> IMO silently using no salt or 0 iterations because the input is somewhat
> broken is bad security and should be rejected. If we did so in the past
> without noticing, that's bad already, but we should not replicate that
> behavior any further.
>
I agree with this point, so maybe we should fix this for px_crypt_md5().

-- 
Regards,
Japin Li
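As an added illustration of the point raised above (this is example code, not pgcrypto's px_crypt_shacrypt() or px_crypt_md5()), here is a strict parser for a SHA-crypt setting string of the form `$5$` / `$6$`, optional `rounds=N$`, then salt. Instead of stopping at the first `$` and quietly continuing with a zero-length salt or an unparsed rounds option, it returns an error for a `rounds=` option with no closing `$`, for an out-of-range round count, and for an empty or malformed salt. The struct, error codes and limits (1000..999999999 rounds, 16-character salt, 5000 default) are this example's own assumptions.

```c
#include <ctype.h>
#include <errno.h>
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical result type for this example; not a pgcrypto structure. */
typedef struct {
    int type;             /* 5 = SHA-256, 6 = SHA-512 */
    unsigned long rounds; /* effective round count */
    int rounds_custom;    /* 1 if a rounds= option was present and valid */
    char salt[17];        /* up to 16 salt characters plus NUL */
    size_t salt_len;
} shacrypt_setting;

enum { SHACRYPT_OK = 0, SHACRYPT_ERR_MAGIC, SHACRYPT_ERR_ROUNDS, SHACRYPT_ERR_SALT };

#define ROUNDS_MIN     1000UL       /* assumed limits for this example */
#define ROUNDS_MAX     999999999UL
#define ROUNDS_DEFAULT 5000UL
#define SALT_MAX       16

/*
 * Parse "$5$[rounds=N$]salt[$hash]" strictly. Returns SHACRYPT_OK or an
 * error code; on error the caller must not fall back to an empty salt or
 * a default/zero round count.
 */
int shacrypt_parse_setting(const char *setting, shacrypt_setting *out)
{
    const char *p = setting;
    size_t n, i;

    memset(out, 0, sizeof(*out));

    if (strncmp(p, "$5$", 3) == 0)
        out->type = 5;
    else if (strncmp(p, "$6$", 3) == 0)
        out->type = 6;
    else
        return SHACRYPT_ERR_MAGIC;
    p += 3;

    out->rounds = ROUNDS_DEFAULT;
    if (strncmp(p, "rounds=", 7) == 0) {
        const char *num = p + 7;
        char *end;
        unsigned long v;

        if (!isdigit((unsigned char) *num))
            return SHACRYPT_ERR_ROUNDS;
        errno = 0;
        v = strtoul(num, &end, 10);
        /* A rounds option that is not closed by '$' is rejected, not ignored. */
        if (errno != 0 || *end != '$')
            return SHACRYPT_ERR_ROUNDS;
        /* Out-of-range counts are rejected rather than clamped or defaulted. */
        if (v < ROUNDS_MIN || v > ROUNDS_MAX)
            return SHACRYPT_ERR_ROUNDS;
        out->rounds = v;
        out->rounds_custom = 1;
        p = end + 1;
    }

    /* Salt runs to the next '$' or end of string; empty salt is an error. */
    n = strcspn(p, "$");
    if (n == 0 || n > SALT_MAX)
        return SHACRYPT_ERR_SALT;
    for (i = 0; i < n; i++) {
        unsigned char c = (unsigned char) p[i];
        if (!isalnum(c) && c != '.' && c != '/')
            return SHACRYPT_ERR_SALT;
    }
    memcpy(out->salt, p, n);
    out->salt[n] = '\0';
    out->salt_len = n;
    return SHACRYPT_OK;
}

int main(void)
{
    /* Constructed inputs: one well-formed, one with an unterminated rounds option. */
    const char *inputs[] = { "$6$rounds=5000$saltsalt$hash", "$6$rounds=5000", "$5$$abc" };
    shacrypt_setting s;
    size_t k;

    for (k = 0; k < sizeof(inputs) / sizeof(inputs[0]); k++) {
        int rc = shacrypt_parse_setting(inputs[k], &s);
        printf("%-32s -> rc=%d rounds=%lu salt_len=%zu\n",
               inputs[k], rc, s.rounds, s.salt_len);
    }
    return 0;
}
```

The second input is the case discussed in the thread: the rounds option is never closed, so a lenient parser would treat the remainder as salt (here, nothing) and proceed with salt length 0; the strict parser refuses it instead.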