diff options
| author | Tom Lane <tgl@sss.pgh.pa.us> | 2006-01-03 23:46:44 +0000 |
|---|---|---|
| committer | Tom Lane <tgl@sss.pgh.pa.us> | 2006-01-03 23:46:44 +0000 |
| commit | a559ef6594ce2c73198a3f9acb80b8f48eb0a02b (patch) | |
| tree | e1e4ef8ed51afa626da51ad96f0a93cf00b5ebf7 /contrib | |
| parent | bf6c87f5a4e946e39d7d428cd05d407957aaac6c (diff) | |
| download | postgresql-a559ef6594ce2c73198a3f9acb80b8f48eb0a02b.tar.gz | |
There is a signedness bug in Openwall gen_salt code that pgcrypto uses.
This makes the salt space for md5 and xdes algorithms a lot smaller than
it should be.
Marko Kreen
Diffstat (limited to 'contrib')
| -rw-r--r-- | contrib/pgcrypto/crypt-gensalt.c | 18 |
1 files changed, 9 insertions, 9 deletions
diff --git a/contrib/pgcrypto/crypt-gensalt.c b/contrib/pgcrypto/crypt-gensalt.c index c58e794789..64ab6912a8 100644 --- a/contrib/pgcrypto/crypt-gensalt.c +++ b/contrib/pgcrypto/crypt-gensalt.c @@ -69,9 +69,9 @@ _crypt_gensalt_extended_rn(unsigned long count, output[2] = _crypt_itoa64[(count >> 6) & 0x3f]; output[3] = _crypt_itoa64[(count >> 12) & 0x3f]; output[4] = _crypt_itoa64[(count >> 18) & 0x3f]; - value = (unsigned long) input[0] | - ((unsigned long) input[1] << 8) | - ((unsigned long) input[2] << 16); + value = (unsigned long)(unsigned char) input[0] | + ((unsigned long)(unsigned char) input[1] << 8) | + ((unsigned long)(unsigned char) input[2] << 16); output[5] = _crypt_itoa64[value & 0x3f]; output[6] = _crypt_itoa64[(value >> 6) & 0x3f]; output[7] = _crypt_itoa64[(value >> 12) & 0x3f]; @@ -98,9 +98,9 @@ _crypt_gensalt_md5_rn(unsigned long count, output[0] = '$'; output[1] = '1'; output[2] = '$'; - value = (unsigned long) input[0] | - ((unsigned long) input[1] << 8) | - ((unsigned long) input[2] << 16); + value = (unsigned long)(unsigned char) input[0] | + ((unsigned long)(unsigned char) input[1] << 8) | + ((unsigned long)(unsigned char) input[2] << 16); output[3] = _crypt_itoa64[value & 0x3f]; output[4] = _crypt_itoa64[(value >> 6) & 0x3f]; output[5] = _crypt_itoa64[(value >> 12) & 0x3f]; @@ -109,9 +109,9 @@ _crypt_gensalt_md5_rn(unsigned long count, if (size >= 6 && output_size >= 3 + 4 + 4 + 1) { - value = (unsigned long) input[3] | - ((unsigned long) input[4] << 8) | - ((unsigned long) input[5] << 16); + value = (unsigned long)(unsigned char) input[3] | + ((unsigned long)(unsigned char) input[4] << 8) | + ((unsigned long)(unsigned char) input[5] << 16); output[7] = _crypt_itoa64[value & 0x3f]; output[8] = _crypt_itoa64[(value >> 6) & 0x3f]; output[9] = _crypt_itoa64[(value >> 12) & 0x3f]; |