From d84d78d2d26c4cf3cdd89c8a30fcb602b2909cb0 Mon Sep 17 00:00:00 2001
From: Mattias Andrée
Date: Fri, 23 Jun 2023 18:16:57 +0200
Subject: Fix critical bug for automatic salt generation
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

If getrandom(3) generated bytes with the highest bit set and (char) is (signed char) (ones' or two's complement is used), those bytes would become negative indices, rather than be inside [0, 64), causing random data to be writting into the salt.

Signed-off-by: Mattias Andrée
---
 libar2simplified_decode_r.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/libar2simplified_decode_r.c b/libar2simplified_decode_r.c
index 3f9dfea..545ecde 100644
--- a/libar2simplified_decode_r.c
+++ b/libar2simplified_decode_r.c
@@ -95,7 +95,7 @@ random_salt(char *out, size_t n, int (*random_byte_generator)(char *out, size_t
 }

 for (i = 0; i < n; i++)
- out[i] = ALPHABET[out[i] % 64];
+ out[i] = ALPHABET[out[i] & 63];

 return 0;
 }
-- cgit v1.2.3-70-g09d2
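Review bot: The masked index on the `+` line is correct where `char` is signed, but nothing there says why `& 63` is used instead of `% 64`, so a later cleanup could bring back the out-of-bounds read of `ALPHABET` that this commit removes. I would add a comment above the loop such as `/* out[i] may be negative where char is signed; mask instead of %, so the index stays in [0, 64) */`, or state the intent in the type with `out[i] = ALPHABET[(unsigned char)out[i] & 63];`. A regression test that passes a `random_byte_generator` filling the buffer with bytes 0x80–0xFF and checks that every output character belongs to the alphabet would pin the fix. The hunk does not show the definition of `ALPHABET`, so its having at least 64 entries is assumed here, and the body of `random_salt` starts outside the hunk.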