authorTom Lane2006-01-03 23:46:51 +0000
committerTom Lane2006-01-03 23:46:51 +0000
commit8dc7c8cf1dc38a96cff8cf9c2c5e90f678e67420 (patch)
tree1be03c8ab91c5c878a0e3ce3115dec8bca42ce5d
parentbf8128f7578cf55e7bf6cb160f3773a40078d4c8 (diff)
There is a signedness bug in Openwall gen_salt code that pgcrypto uses.
This makes the salt space for md5 and xdes algorithms a lot smaller than it should be. Marko Kreen
-rw-r--r--contrib/pgcrypto/crypt-gensalt.c18
1 files changed, 9 insertions, 9 deletions
diff --git a/contrib/pgcrypto/crypt-gensalt.c b/contrib/pgcrypto/crypt-gensalt.c
index c58e794789f..64ab6912a80 100644
--- a/contrib/pgcrypto/crypt-gensalt.c
+++ b/contrib/pgcrypto/crypt-gensalt.c
@@ -69,9 +69,9 @@ _crypt_gensalt_extended_rn(unsigned long count,
output[2] = _crypt_itoa64[(count >> 6) & 0x3f];
output[3] = _crypt_itoa64[(count >> 12) & 0x3f];
output[4] = _crypt_itoa64[(count >> 18) & 0x3f];
- value = (unsigned long) input[0] |
- ((unsigned long) input[1] << 8) |
- ((unsigned long) input[2] << 16);
+ value = (unsigned long)(unsigned char) input[0] |
+ ((unsigned long)(unsigned char) input[1] << 8) |
+ ((unsigned long)(unsigned char) input[2] << 16);
output[5] = _crypt_itoa64[value & 0x3f];
output[6] = _crypt_itoa64[(value >> 6) & 0x3f];
output[7] = _crypt_itoa64[(value >> 12) & 0x3f];
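Review bot: The `(unsigned long)(unsigned char)` double cast is now spelled out in three identical expressions (here and twice in `_crypt_gensalt_md5_rn`), so the next piece of code that packs salt bytes can miss it just as easily. A small static helper that reads the bytes through an `unsigned char` pointer would keep the conversion in one place, with call sites reduced to `value = gensalt_load24(input);` and `value = gensalt_load24(input + 3);`. The declaration of `input` is outside the hunk; the sketch below assumes it is `const char *`. Any other salt generators in this file are not visible here and are worth checking for the same byte-packing pattern.

```c
/*
 * Pack three salt bytes, least significant first.  Reading them as
 * unsigned char keeps a byte >= 0x80 from sign-extending into the
 * upper bits of the result where plain char is signed.
 */
static unsigned long
gensalt_load24(const char *p)
{
	const unsigned char *b = (const unsigned char *) p;

	return (unsigned long) b[0] |
		((unsigned long) b[1] << 8) |
		((unsigned long) b[2] << 16);
}

/* … unchanged: count encoded into output[1..4] … */
	value = gensalt_load24(input);
```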
@@ -98,9 +98,9 @@ _crypt_gensalt_md5_rn(unsigned long count,
output[0] = '$';
output[1] = '1';
output[2] = '$';
- value = (unsigned long) input[0] |
- ((unsigned long) input[1] << 8) |
- ((unsigned long) input[2] << 16);
+ value = (unsigned long)(unsigned char) input[0] |
+ ((unsigned long)(unsigned char) input[1] << 8) |
+ ((unsigned long)(unsigned char) input[2] << 16);
output[3] = _crypt_itoa64[value & 0x3f];
output[4] = _crypt_itoa64[(value >> 6) & 0x3f];
output[5] = _crypt_itoa64[(value >> 12) & 0x3f];
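Review bot: Nothing at these lines records why the inner `(unsigned char)` cast is there, and it looks redundant enough that a later cleanup could remove it. A short comment above the assignment would preserve the reason, for example `/* go through unsigned char: a signed char >= 0x80 sign-extends and sets every higher bit of value */`. Where plain char is signed, that sign extension makes the OR force all bits above the affected byte to one, so the salt characters taken from those bits no longer depend on the remaining input bytes, which is the salt-space loss the commit message describes. The same comment fits the assignments in `_crypt_gensalt_extended_rn` and in the `size >= 6` branch.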
@@ -109,9 +109,9 @@ _crypt_gensalt_md5_rn(unsigned long count,
if (size >= 6 && output_size >= 3 + 4 + 4 + 1)
{
- value = (unsigned long) input[3] |
- ((unsigned long) input[4] << 8) |
- ((unsigned long) input[5] << 16);
+ value = (unsigned long)(unsigned char) input[3] |
+ ((unsigned long)(unsigned char) input[4] << 8) |
+ ((unsigned long)(unsigned char) input[5] << 16);
output[7] = _crypt_itoa64[value & 0x3f];
output[8] = _crypt_itoa64[(value >> 6) & 0x3f];
output[9] = _crypt_itoa64[(value >> 12) & 0x3f];
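Review bot: The diffstat shows only crypt-gensalt.c changed, so no test pins the corrected packing, and this branch in particular runs only when `size >= 6 && output_size >= 3 + 4 + 4 + 1`. If the function can be driven with fixed input bytes, a regression check would pass at least six bytes with a high-bit byte in the low position of each triple (such as `0x80` followed by two zero bytes) and compare the salt against the expected characters, since the old and new code produce different values for that input. The enclosing function continues past the end of this hunk, so whether later lines pack bytes the same way cannot be confirmed from here.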