diff options
author | Mattias Andrée <maandree@kth.se> | 2023-06-23 18:16:57 +0200 |
---|---|---|
committer | Mattias Andrée <maandree@kth.se> | 2023-06-23 18:17:00 +0200 |
commit | d84d78d2d26c4cf3cdd89c8a30fcb602b2909cb0 (patch) | |
tree | 364c2874ff63a92cb5a52e8b5f3f7f8b1b60e577 /libar2simplified_decode_r.c | |
parent | Improve srand seed (diff) | |
download | libar2simplified-d84d78d2d26c4cf3cdd89c8a30fcb602b2909cb0.tar.gz libar2simplified-d84d78d2d26c4cf3cdd89c8a30fcb602b2909cb0.tar.bz2 libar2simplified-d84d78d2d26c4cf3cdd89c8a30fcb602b2909cb0.tar.xz |
Fix critical bug for automatic salt generation1.1.2
If getrandom(3) generated bytes with the highest bit set and
(char) is (signed char) (ones' or two's complement is used),
those bytes would become negative indices, rather than be
inside [0, 64), causing random data to be writting into the
salt.
Signed-off-by: Mattias Andrée <maandree@kth.se>
Diffstat (limited to '')
-rw-r--r-- | libar2simplified_decode_r.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/libar2simplified_decode_r.c b/libar2simplified_decode_r.c index 3f9dfea..545ecde 100644 --- a/libar2simplified_decode_r.c +++ b/libar2simplified_decode_r.c @@ -95,7 +95,7 @@ random_salt(char *out, size_t n, int (*random_byte_generator)(char *out, size_t } for (i = 0; i < n; i++) - out[i] = ALPHABET[out[i] % 64]; + out[i] = ALPHABET[out[i] & 63]; return 0; } |