diff --git a/ChangeLog b/ChangeLog index e6531c51..ff486f2d 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,9 @@ +2013-08-13 Nicolas François + + * libmisc/salt.c (shadow_random): Use long instead of size_t. + Compatibility with size_t is easier to check since it's used for + smaller numbers (salt size). + 2013-08-13 Nicolas François * lib/groupmem.c: Add splint annotations. The added memset makes diff --git a/libmisc/salt.c b/libmisc/salt.c index 156a3252..c72447ea 100644 --- a/libmisc/salt.c +++ b/libmisc/salt.c @@ -23,7 +23,7 @@ static void seedRNG (void); static /*@observer@*/const char *gensalt (size_t salt_size); #ifdef USE_SHA_CRYPT -static size_t shadow_random (size_t min, size_t max); +static long shadow_random (long min, long max); static /*@observer@*/const char *SHA_salt_rounds (/*@null@*/int *prefered_rounds); #endif /* USE_SHA_CRYPT */ @@ -90,15 +90,15 @@ static void seedRNG (void) * * It favors slightly the higher numbers. */ -static size_t shadow_random (size_t min, size_t max) +static long shadow_random (long min, long max) { double drand; - size_t ret; + long ret; seedRNG (); drand = (double) (max - min + 1) * random () / RANDOM_MAX; /* On systems were this is not random() range is lower, we favor * higher numbers of salt. */ - ret = (size_t) (max + 1 - drand); + ret = (long) (max + 1 - drand); /* And we catch limits, and use the highest number */ if ((ret < min) || (ret > max)) { ret = max; @@ -234,11 +234,11 @@ static /*@observer@*/const char *gensalt (size_t salt_size) } else if (0 == strcmp (method, "SHA256")) { MAGNUM(result, '5'); strcat(result, SHA_salt_rounds((int *)arg)); - salt_len = shadow_random (8, 16); + salt_len = (size_t) shadow_random (8, 16); } else if (0 == strcmp (method, "SHA512")) { MAGNUM(result, '6'); strcat(result, SHA_salt_rounds((int *)arg)); - salt_len = shadow_random (8, 16); + salt_len = (size_t) shadow_random (8, 16); #endif /* USE_SHA_CRYPT */ } else if (0 != strcmp (method, "DES")) { fprintf (stderr,