Fix hash limiting if parameter is not a number.

If hash lenght specification was not a number, the whole key was set
to zero instead of command failure.

Resolves
https://bugzilla.redhat.com/show_bug.cgi?id=1028362

lib/crypt_plain.c

@@ -21,7 +21,7 @@
  */
 
 #include <string.h>
-#include <stdlib.h>
+#include <stdio.h>
 #include <errno.h>
 
 #include "libcryptsetup.h"
@@ -83,7 +83,11 @@ int crypt_plain_hash(struct crypt_device *ctx __attribute__((unused)),
 	/* hash[:hash_length] */
 	if ((s = strchr(hash_name_buf, ':'))) {
 		*s = '\0';
-		hash_size = atoi(++s);
+		s++;
+		if (!*s || sscanf(s, "%zd", &hash_size) != 1) {
+			log_dbg("Hash length is not a number");
+			return -EINVAL;
+		}
 		if (hash_size > key_size) {
 			log_dbg("Hash length %zd > key length %zd",
 				hash_size, key_size);

tests/password-hash-test

@@ -20,6 +20,12 @@ cleanup() {
 	exit $1
 }
 
+function fail()
+{
+        echo " $1 [FAILED]"
+        cleanup 2
+}
+
 crypt_key() # hash keysize pwd/file name outkey [limit]
 {
 	DEV2=$DEV_NAME"_x"
@@ -50,8 +56,13 @@ crypt_key() # hash keysize pwd/file name outkey [limit]
 		$CRYPTSETUP create -c $MODE -d $4 -h $1 -s $2 $DEV2 /dev/mapper/$DEV_NAME 2>/dev/null
 		ret=$?
 		;;
+	failpwd)
+		echo -e -n "$4" | $CRYPTSETUP create -c $MODE -h $1 -s $2 $LIMIT $DEV2 /dev/mapper/$DEV_NAME 2>/dev/null && fail "Expecting failure"
+		echo " [OK]"
+		return
+		;;
 	*)
-		fail
+		fail ""
 		;;
 	esac
 
@@ -107,6 +118,9 @@ crypt_key unknown*  256 file /dev/zero 00000000000000000000000000000000000000000
 crypt_key sha256:20 256 pwd "xxx" cd2eb0837c9b4c962c22d2ff8b5441b7b4580588000000000000000000000000
 crypt_key sha256:32 256 pwd "xxx" cd2eb0837c9b4c962c22d2ff8b5441b7b45805887f051d39bf133b583baf6860
 
+crypt_key sha256:   256 failpwd "xxx" x
+crypt_key sha256:xx 256 failpwd "xxx" x
+
 # key file, 80 chars
 echo -n -e "0123456789abcdef\n\x01\x00\x03\xff\xff\r\xff\xff\n\r" \
 	   "2352j3rkjhadcfasc823rqaw7e1 3dq sdq3d 2dkjqw3h2=====" >$KEY_FILE