This doesn't look good. Does an EBCDIC architecture fan want to whip up the fix?
static char *BF_crypt(const char *key, const char *setting,
char *output, int size,
BF_word min)
{
... static const unsigned char flags_by_subtype[26] =
{2, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 4, 0};
... if (setting[0] != '$' ||
setting[1] != '2' ||
setting[2] < 'a' || setting[2] > 'z' ||
!flags_by_subtype[(unsigned int)(unsigned char)setting[2] - 'a'] ||
