emo/shadow
1
0
Fork 0
Code Issues Pull Requests Packages Releases Activity

(shadow_random): Use long instead of size_t.

Browse Source 
* libmisc/salt.c (shadow_random): Use long instead of size_t.
	Compatibility with size_t is easier to check since it's used for
	smaller numbers (salt size).
This commit is contained in:
Nicolas François 2013-08-13 19:16:24 +02:00
parent 64fe2f7db6
commit 5884ba907c
2 changed files with 12 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
ChangeLog
View File

@ -1,3 +1,9 @@
2013-08-13 Nicolas François <nicolas.francois@centraliens.net>
* libmisc/salt.c (shadow_random): Use long instead of size_t.
Compatibility with size_t is easier to check since it's used for
smaller numbers (salt size).
2013-08-13 Nicolas François <nicolas.francois@centraliens.net> 2013-08-13 Nicolas François <nicolas.francois@centraliens.net>
* lib/groupmem.c: Add splint annotations. The added memset makes * lib/groupmem.c: Add splint annotations. The added memset makes

12
libmisc/salt.c
View File

@ -23,7 +23,7 @@
static void seedRNG (void); static void seedRNG (void);
static /*@observer@*/const char *gensalt (size_t salt_size); static /*@observer@*/const char *gensalt (size_t salt_size);
#ifdef USE_SHA_CRYPT #ifdef USE_SHA_CRYPT
static size_t shadow_random (size_t min, size_t max); static long shadow_random (long min, long max);
static /*@observer@*/const char *SHA_salt_rounds (/*@null@*/int *prefered_rounds); static /*@observer@*/const char *SHA_salt_rounds (/*@null@*/int *prefered_rounds);
#endif /* USE_SHA_CRYPT */ #endif /* USE_SHA_CRYPT */
@ -90,15 +90,15 @@ static void seedRNG (void)
* *
* It favors slightly the higher numbers. * It favors slightly the higher numbers.
*/ */
static size_t shadow_random (size_t min, size_t max) static long shadow_random (long min, long max)
{ {
double drand; double drand;
size_t ret; long ret;
seedRNG (); seedRNG ();
drand = (double) (max - min + 1) * random () / RANDOM_MAX; drand = (double) (max - min + 1) * random () / RANDOM_MAX;
/* On systems were this is not random() range is lower, we favor /* On systems were this is not random() range is lower, we favor
* higher numbers of salt. */ * higher numbers of salt. */
ret = (size_t) (max + 1 - drand); ret = (long) (max + 1 - drand);
/* And we catch limits, and use the highest number */ /* And we catch limits, and use the highest number */
if ((ret < min) || (ret > max)) { if ((ret < min) || (ret > max)) {
ret = max; ret = max;
@ -234,11 +234,11 @@ static /*@observer@*/const char *gensalt (size_t salt_size)
} else if (0 == strcmp (method, "SHA256")) { } else if (0 == strcmp (method, "SHA256")) {
MAGNUM(result, '5'); MAGNUM(result, '5');
strcat(result, SHA_salt_rounds((int *)arg)); strcat(result, SHA_salt_rounds((int *)arg));
salt_len = shadow_random (8, 16); salt_len = (size_t) shadow_random (8, 16);
} else if (0 == strcmp (method, "SHA512")) { } else if (0 == strcmp (method, "SHA512")) {
MAGNUM(result, '6'); MAGNUM(result, '6');
strcat(result, SHA_salt_rounds((int *)arg)); strcat(result, SHA_salt_rounds((int *)arg));
salt_len = shadow_random (8, 16); salt_len = (size_t) shadow_random (8, 16);
#endif /* USE_SHA_CRYPT */ #endif /* USE_SHA_CRYPT */
} else if (0 != strcmp (method, "DES")) { } else if (0 != strcmp (method, "DES")) {
fprintf (stderr, fprintf (stderr,