Commit 3eaff834 authored by Jim Meyering's avatar Jim Meyering

avoid a sign-extension bug in crypto_hash_function

* fns.c (to_uchar): Define.
(crypto_hash_function): Use it to convert some newly-signed
variables to unsigned, to avoid sign-extension bugs.  For example,
without this change, (md5 "truc") would evaluate to
45723a2aff78ff4fff7fff1114760e62 rather than the expected
45723a2af3788c4ff17f8d1114760e62.  Reported by Antoine Levitt in
http://thread.gmane.org/gmane.emacs.devel/139824
parent d451b087
2011-05-28 Jim Meyering <meyering@redhat.com>
avoid a sign-extension bug in crypto_hash_function
* fns.c (to_uchar): Define.
(crypto_hash_function): Use it to convert some newly-signed
variables to unsigned, to avoid sign-extension bugs. For example,
without this change, (md5 "truc") would evaluate to
45723a2aff78ff4fff7fff1114760e62 rather than the expected
45723a2af3788c4ff17f8d1114760e62. Reported by Antoine Levitt in
http://thread.gmane.org/gmane.emacs.devel/139824
2011-05-27 Paul Eggert <eggert@cs.ucla.edu>
Integer overflow fixes.
......
......@@ -4520,6 +4520,11 @@ including negative integers. */)
#include "md5.h"
#include "sha1.h"
/* Convert a possibly-signed character to an unsigned character. This is
a bit safer than casting to unsigned char, since it catches some type
errors that the cast doesn't. */
static inline unsigned char to_uchar (char ch) { return ch; }
/* TYPE: 0 for md5, 1 for sha1. */
static Lisp_Object
......@@ -4717,7 +4722,7 @@ crypto_hash_function (int type, Lisp_Object object, Lisp_Object start, Lisp_Obje
{
char value[33];
for (i = 0; i < 16; i++)
sprintf (&value[2 * i], "%02x", digest[i]);
sprintf (&value[2 * i], "%02x", to_uchar (digest[i]));
res = make_string (value, 32);
}
else
......@@ -4735,7 +4740,7 @@ crypto_hash_function (int type, Lisp_Object object, Lisp_Object start, Lisp_Obje
{
char value[41];
for (i = 0; i < 20; i++)
sprintf (&value[2 * i], "%02x", digest[i]);
sprintf (&value[2 * i], "%02x", to_uchar (digest[i]));
res = make_string (value, 40);
}
else
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment