author | Tom Lane <tgl@sss.pgh.pa.us> | 2006-01-03 23:46:24 +0000 |
---|---|---|
committer | Tom Lane <tgl@sss.pgh.pa.us> | 2006-01-03 23:46:24 +0000 |
commit | 507e07e27704dde07bf246de766b424921de1a1b (patch) | |
tree | d003a3c9e5a0d001d2fb96d9c22f4979e4a99501 | |
parent | 925952603d03c017a285bed424ef3159bec460c4 (diff) | |
There is a signedness bug in Openwall gen_salt code that pgcrypto uses.
This makes the salt space for md5 and xdes algorithms a lot smaller than
it should be.
Marko Kreen
-rw-r--r-- | contrib/pgcrypto/crypt-gensalt.c | 18 |
1 files changed, 9 insertions, 9 deletions
diff --git a/contrib/pgcrypto/crypt-gensalt.c b/contrib/pgcrypto/crypt-gensalt.c
index 656ab03ef71..01775ee7b75 100644
--- a/contrib/pgcrypto/crypt-gensalt.c
+++ b/contrib/pgcrypto/crypt-gensalt.c
@@ -62,9 +62,9 @@ _crypt_gensalt_extended_rn(unsigned long count,
 output[2] = _crypt_itoa64[(count >> 6) & 0x3f];
 output[3] = _crypt_itoa64[(count >> 12) & 0x3f];
 output[4] = _crypt_itoa64[(count >> 18) & 0x3f];
- value = (unsigned long) input[0] |
- ((unsigned long) input[1] << 8) |
- ((unsigned long) input[2] << 16);
+ value = (unsigned long)(unsigned char) input[0] |
+ ((unsigned long)(unsigned char) input[1] << 8) |
+ ((unsigned long)(unsigned char) input[2] << 16);
 output[5] = _crypt_itoa64[value & 0x3f];
 output[6] = _crypt_itoa64[(value >> 6) & 0x3f];
 output[7] = _crypt_itoa64[(value >> 12) & 0x3f];
@@ -90,9 +90,9 @@ _crypt_gensalt_md5_rn(unsigned long count,
 output[0] = '$';
 output[1] = '1';
 output[2] = '$';
- value = (unsigned long) input[0] |
- ((unsigned long) input[1] << 8) |
- ((unsigned long) input[2] << 16);
+ value = (unsigned long)(unsigned char) input[0] |
+ ((unsigned long)(unsigned char) input[1] << 8) |
+ ((unsigned long)(unsigned char) input[2] << 16);
 output[3] = _crypt_itoa64[value & 0x3f];
 output[4] = _crypt_itoa64[(value >> 6) & 0x3f];
 output[5] = _crypt_itoa64[(value >> 12) & 0x3f];
@@ -101,9 +101,9 @@ _crypt_gensalt_md5_rn(unsigned long count,
 if (size >= 6 && output_size >= 3 + 4 + 4 + 1)
 {
- value = (unsigned long) input[3] |
- ((unsigned long) input[4] << 8) |
- ((unsigned long) input[5] << 16);
+ value = (unsigned long)(unsigned char) input[3] |
+ ((unsigned long)(unsigned char) input[4] << 8) |
+ ((unsigned long)(unsigned char) input[5] << 16);
 output[7] = _crypt_itoa64[value & 0x3f];
 output[8] = _crypt_itoa64[(value >> 6) & 0x3f];
 output[9] = _crypt_itoa64[(value >> 12) & 0x3f]; |
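Review bot: Nothing at the nine cast sites in these three hunks (the `value = …` loads in `_crypt_gensalt_extended_rn` and both blocks of `_crypt_gensalt_md5_rn`) records why the extra `(unsigned char)` is needed, so a later tidy-up could remove it and quietly shrink the salt space again. The declaration of `input` is outside the hunks, but it is presumably a plain `char` pointer; where `char` is signed, a byte of 0x80 or above sign-extends when converted to `unsigned long`, and the OR then forces every higher bit of `value` to 1, pinning the salt characters taken from those bits. I would add a comment above each load such as `/* go through unsigned char: plain char may be signed, and sign extension would set all upper bits of value */`, or convert once near the top of each function with `const unsigned char *in = (const unsigned char *) input;` and index `in[]` instead. A regression test that feeds input bytes with the high bit set and checks that the later salt characters still vary would keep this from coming back. Both functions start and end outside the hunks.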