Commit 507e07e2 authored by Tom Lane's avatar Tom Lane

There is a signedness bug in Openwall gen_salt code that pgcrypto uses.

This makes the salt space for md5 and xdes algorithms a lot smaller than
it should be.

Marko Kreen
parent 92595260
...@@ -62,9 +62,9 @@ _crypt_gensalt_extended_rn(unsigned long count, ...@@ -62,9 +62,9 @@ _crypt_gensalt_extended_rn(unsigned long count,
output[2] = _crypt_itoa64[(count >> 6) & 0x3f]; output[2] = _crypt_itoa64[(count >> 6) & 0x3f];
output[3] = _crypt_itoa64[(count >> 12) & 0x3f]; output[3] = _crypt_itoa64[(count >> 12) & 0x3f];
output[4] = _crypt_itoa64[(count >> 18) & 0x3f]; output[4] = _crypt_itoa64[(count >> 18) & 0x3f];
value = (unsigned long) input[0] | value = (unsigned long)(unsigned char) input[0] |
((unsigned long) input[1] << 8) | ((unsigned long)(unsigned char) input[1] << 8) |
((unsigned long) input[2] << 16); ((unsigned long)(unsigned char) input[2] << 16);
output[5] = _crypt_itoa64[value & 0x3f]; output[5] = _crypt_itoa64[value & 0x3f];
output[6] = _crypt_itoa64[(value >> 6) & 0x3f]; output[6] = _crypt_itoa64[(value >> 6) & 0x3f];
output[7] = _crypt_itoa64[(value >> 12) & 0x3f]; output[7] = _crypt_itoa64[(value >> 12) & 0x3f];
...@@ -90,9 +90,9 @@ _crypt_gensalt_md5_rn(unsigned long count, ...@@ -90,9 +90,9 @@ _crypt_gensalt_md5_rn(unsigned long count,
output[0] = '$'; output[0] = '$';
output[1] = '1'; output[1] = '1';
output[2] = '$'; output[2] = '$';
value = (unsigned long) input[0] | value = (unsigned long)(unsigned char) input[0] |
((unsigned long) input[1] << 8) | ((unsigned long)(unsigned char) input[1] << 8) |
((unsigned long) input[2] << 16); ((unsigned long)(unsigned char) input[2] << 16);
output[3] = _crypt_itoa64[value & 0x3f]; output[3] = _crypt_itoa64[value & 0x3f];
output[4] = _crypt_itoa64[(value >> 6) & 0x3f]; output[4] = _crypt_itoa64[(value >> 6) & 0x3f];
output[5] = _crypt_itoa64[(value >> 12) & 0x3f]; output[5] = _crypt_itoa64[(value >> 12) & 0x3f];
...@@ -101,9 +101,9 @@ _crypt_gensalt_md5_rn(unsigned long count, ...@@ -101,9 +101,9 @@ _crypt_gensalt_md5_rn(unsigned long count,
if (size >= 6 && output_size >= 3 + 4 + 4 + 1) if (size >= 6 && output_size >= 3 + 4 + 4 + 1)
{ {
value = (unsigned long) input[3] | value = (unsigned long)(unsigned char) input[3] |
((unsigned long) input[4] << 8) | ((unsigned long)(unsigned char) input[4] << 8) |
((unsigned long) input[5] << 16); ((unsigned long)(unsigned char) input[5] << 16);
output[7] = _crypt_itoa64[value & 0x3f]; output[7] = _crypt_itoa64[value & 0x3f];
output[8] = _crypt_itoa64[(value >> 6) & 0x3f]; output[8] = _crypt_itoa64[(value >> 6) & 0x3f];
output[9] = _crypt_itoa64[(value >> 12) & 0x3f]; output[9] = _crypt_itoa64[(value >> 12) & 0x3f];
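Review bot: Nothing at the nine cast sites in these three hunks (the packing expression in `_crypt_gensalt_extended_rn` and both packing expressions in `_crypt_gensalt_md5_rn`) says why `(unsigned long)(unsigned char)` is needed, so a later cleanup could drop the inner cast and reintroduce the narrowed salt space. `input` appears to be a plain `char` pointer (its declaration is outside the hunks); where `char` is signed, a byte of 0x80 or above sign-extends on conversion to `unsigned long`, and its set high bits override whatever the following two bytes contribute through the OR. I would add `/* input is plain char: widen via unsigned char so bytes >= 0x80 do not sign-extend over the other salt bytes */` above each expression, or take `const unsigned char *in = (const unsigned char *) input;` once per function and index `in[]` instead. The fix only affects salts generated from now on; hashes stored by earlier builds keep their reduced-entropy salts until the password is next set. Both function bodies start and end outside the hunks shown.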
......