From 507e07e27704dde07bf246de766b424921de1a1b Mon Sep 17 00:00:00 2001
From: Tom Lane <tgl@sss.pgh.pa.us>
Date: Tue, 3 Jan 2006 23:46:24 +0000
Subject: [PATCH] There is a signedness bug in Openwall gen_salt code that
 pgcrypto uses. This makes the salt space for md5 and xdes algorithms a lot
 smaller than it should be.

Marko Kreen
---
 contrib/pgcrypto/crypt-gensalt.c | 18 +++++++++---------
 1 file changed, 9 insertions(+), 9 deletions(-)

diff --git a/contrib/pgcrypto/crypt-gensalt.c b/contrib/pgcrypto/crypt-gensalt.c
index 656ab03ef71..01775ee7b75 100644
--- a/contrib/pgcrypto/crypt-gensalt.c
+++ b/contrib/pgcrypto/crypt-gensalt.c
@@ -62,9 +62,9 @@ _crypt_gensalt_extended_rn(unsigned long count,
 	output[2] = _crypt_itoa64[(count >> 6) & 0x3f];
 	output[3] = _crypt_itoa64[(count >> 12) & 0x3f];
 	output[4] = _crypt_itoa64[(count >> 18) & 0x3f];
-	value = (unsigned long) input[0] |
-		((unsigned long) input[1] << 8) |
-		((unsigned long) input[2] << 16);
+	value = (unsigned long)(unsigned char) input[0] |
+		((unsigned long)(unsigned char) input[1] << 8) |
+		((unsigned long)(unsigned char) input[2] << 16);
 	output[5] = _crypt_itoa64[value & 0x3f];
 	output[6] = _crypt_itoa64[(value >> 6) & 0x3f];
 	output[7] = _crypt_itoa64[(value >> 12) & 0x3f];
@@ -90,9 +90,9 @@ _crypt_gensalt_md5_rn(unsigned long count,
 	output[0] = '$';
 	output[1] = '1';
 	output[2] = '$';
-	value = (unsigned long) input[0] |
-		((unsigned long) input[1] << 8) |
-		((unsigned long) input[2] << 16);
+	value = (unsigned long)(unsigned char) input[0] |
+		((unsigned long)(unsigned char) input[1] << 8) |
+		((unsigned long)(unsigned char) input[2] << 16);
 	output[3] = _crypt_itoa64[value & 0x3f];
 	output[4] = _crypt_itoa64[(value >> 6) & 0x3f];
 	output[5] = _crypt_itoa64[(value >> 12) & 0x3f];
@@ -101,9 +101,9 @@ _crypt_gensalt_md5_rn(unsigned long count,
 
 	if (size >= 6 && output_size >= 3 + 4 + 4 + 1)
 	{
-		value = (unsigned long) input[3] |
-			((unsigned long) input[4] << 8) |
-			((unsigned long) input[5] << 16);
+		value = (unsigned long)(unsigned char) input[3] |
+			((unsigned long)(unsigned char) input[4] << 8) |
+			((unsigned long)(unsigned char) input[5] << 16);
 		output[7] = _crypt_itoa64[value & 0x3f];
 		output[8] = _crypt_itoa64[(value >> 6) & 0x3f];
 		output[9] = _crypt_itoa64[(value >> 12) & 0x3f];
-- 
GitLab