There is a signedness bug in Openwall gen_salt code that
pgcrypto uses.  This makes the salt space for md5 and xdes
algorithms a lot smaller.

Salts for blowfish and standard des are unaffected.

Attached is upstream fix for it.  This applies all the
way from 7.2 to 8.1 and HEAD.  Please apply this to all
active branches.

--
marko
Index: contrib/pgcrypto/crypt-gensalt.c
===================================================================
RCS file: /opt/arc/cvs2/pgsql/contrib/pgcrypto/crypt-gensalt.c,v
retrieving revision 1.6
diff -u -c -r1.6 crypt-gensalt.c
*** contrib/pgcrypto/crypt-gensalt.c	15 Oct 2005 02:49:06 -0000	1.6
--- contrib/pgcrypto/crypt-gensalt.c	2 Jan 2006 22:27:35 -0000
***************
*** 62,70 ****
  	output[2] = _crypt_itoa64[(count >> 6) & 0x3f];
  	output[3] = _crypt_itoa64[(count >> 12) & 0x3f];
  	output[4] = _crypt_itoa64[(count >> 18) & 0x3f];
! 	value = (unsigned long) input[0] |
! 		((unsigned long) input[1] << 8) |
! 		((unsigned long) input[2] << 16);
  	output[5] = _crypt_itoa64[value & 0x3f];
  	output[6] = _crypt_itoa64[(value >> 6) & 0x3f];
  	output[7] = _crypt_itoa64[(value >> 12) & 0x3f];
--- 62,70 ----
  	output[2] = _crypt_itoa64[(count >> 6) & 0x3f];
  	output[3] = _crypt_itoa64[(count >> 12) & 0x3f];
  	output[4] = _crypt_itoa64[(count >> 18) & 0x3f];
! 	value = (unsigned long)(unsigned char) input[0] |
! 		((unsigned long)(unsigned char) input[1] << 8) |
! 		((unsigned long)(unsigned char) input[2] << 16);
  	output[5] = _crypt_itoa64[value & 0x3f];
  	output[6] = _crypt_itoa64[(value >> 6) & 0x3f];
  	output[7] = _crypt_itoa64[(value >> 12) & 0x3f];
***************
*** 90,98 ****
  	output[0] = '$';
  	output[1] = '1';
  	output[2] = '$';
! 	value = (unsigned long) input[0] |
! 		((unsigned long) input[1] << 8) |
! 		((unsigned long) input[2] << 16);
  	output[3] = _crypt_itoa64[value & 0x3f];
  	output[4] = _crypt_itoa64[(value >> 6) & 0x3f];
  	output[5] = _crypt_itoa64[(value >> 12) & 0x3f];
--- 90,98 ----
  	output[0] = '$';
  	output[1] = '1';
  	output[2] = '$';
! 	value = (unsigned long)(unsigned char) input[0] |
! 		((unsigned long)(unsigned char) input[1] << 8) |
! 		((unsigned long)(unsigned char) input[2] << 16);
  	output[3] = _crypt_itoa64[value & 0x3f];
  	output[4] = _crypt_itoa64[(value >> 6) & 0x3f];
  	output[5] = _crypt_itoa64[(value >> 12) & 0x3f];
***************
*** 101,109 ****
  
  	if (size >= 6 && output_size >= 3 + 4 + 4 + 1)
  	{
! 		value = (unsigned long) input[3] |
! 			((unsigned long) input[4] << 8) |
! 			((unsigned long) input[5] << 16);
  		output[7] = _crypt_itoa64[value & 0x3f];
  		output[8] = _crypt_itoa64[(value >> 6) & 0x3f];
  		output[9] = _crypt_itoa64[(value >> 12) & 0x3f];
--- 101,109 ----
  
  	if (size >= 6 && output_size >= 3 + 4 + 4 + 1)
  	{
! 		value = (unsigned long)(unsigned char) input[3] |
! 			((unsigned long)(unsigned char) input[4] << 8) |
! 			((unsigned long)(unsigned char) input[5] << 16);
  		output[7] = _crypt_itoa64[value & 0x3f];
  		output[8] = _crypt_itoa64[(value >> 6) & 0x3f];
  		output[9] = _crypt_itoa64[(value >> 12) & 0x3f];
---------------------------(end of broadcast)---------------------------
TIP 5: don't forget to increase your free space map settings

Reply via email to