subject:"Bug#677275\: \[Pkg\-shadow\-devel\] Bug#677275\: passwd\: RAND_MAX is for rand\(\) only, and on some systems random\(\) can exceed RAND_MAX"

Bug#677275: [Pkg-shadow-devel] Bug#677275: passwd: RAND_MAX is for rand() only, and on some systems random() can exceed RAND_MAX

2012-06-13 Thread Alexander Gattin

Hello, On Wed, Jun 13, 2012 at 01:04:51AM +0200, Nicolas François wrote: > On Wed, Jun 13, 2012 at 12:15:53AM +0400, > pashev.i...@gmail.com wrote: > > But random() returns numbers in the range from > > 0 to 2^31-1 [2]. > > > > So, random()/RAND_MAX could result in a value > 1. > > Theoretically

Bug#677275: [Pkg-shadow-devel] Bug#677275: passwd: RAND_MAX is for rand() only, and on some systems random() can exceed RAND_MAX

2012-06-12 Thread Nicolas François

Hello, On Wed, Jun 13, 2012 at 12:15:53AM +0400, pashev.i...@gmail.com wrote: > > function SHA_salt_size() in file libmisc/salt.c uses random() to get random > number and divides it by RAND_MAX. > > This is incorrect. > > RAND_MAX macro is designed for C standard fucntion rand() (value of the >