From: Jim Meyering <jim@meyering.net>
To: Antoine Levitt <antoine.levitt@gmail.com>
Cc: Paul Eggert <eggert@cs.ucla.edu>, emacs-devel@gnu.org
Subject: Re: md5 broken?
Date: Sat, 28 May 2011 14:23:43 +0200 [thread overview]
Message-ID: <87zkm7t3n4.fsf@rho.meyering.net> (raw)
In-Reply-To: <87ipsv188f.fsf@gmail.com> (Antoine Levitt's message of "Sat, 28 May 2011 11:32:00 +0200")
Antoine Levitt wrote:
...
> (md5 "truc")
> => 45723a2af3788c4ff17f8d1114760e62
> (which is the same thing as md5sum)
>
>>From an emacs just compiled,
>
> (md5 "truc")
> => 45723a2aff78ff4fff7fff1114760e62
> (it seems some digits have been randomly replaced by f, for some reason)
...
Thanks for the report.
That was due to yesterday's crypto_hash_function change.
It switched from unsigned to signed char pointers.
The patch below fixes it by introducing the tiny "to_uchar" function
from coreutils/src/system.h. It's safer to use a tiny helper
function like that rather than a cast.
I fixed it with this:
2011-05-28 Jim Meyering <meyering@redhat.com>
avoid a sign-extension bug in crypto_hash_function
* fns.c (to_uchar): Define.
(crypto_hash_function): Use it to convert some newly-signed
variables to unsigned, to avoid sign-extension bugs. For example,
without this change, (md5 "truc") would evaluate to
45723a2aff78ff4fff7fff1114760e62 rather than the expected
45723a2af3788c4ff17f8d1114760e62. Reported by Antoine Levitt in
http://thread.gmane.org/gmane.emacs.devel/139824
=== modified file 'src/fns.c'
--- src/fns.c 2011-05-27 19:37:32 +0000
+++ src/fns.c 2011-05-28 12:09:59 +0000
@@ -4520,6 +4520,11 @@
#include "md5.h"
#include "sha1.h"
+/* Convert a possibly-signed character to an unsigned character. This is
+ a bit safer than casting to unsigned char, since it catches some type
+ errors that the cast doesn't. */
+static inline unsigned char to_uchar (char ch) { return ch; }
+
/* TYPE: 0 for md5, 1 for sha1. */
static Lisp_Object
@@ -4717,7 +4722,7 @@
{
char value[33];
for (i = 0; i < 16; i++)
- sprintf (&value[2 * i], "%02x", digest[i]);
+ sprintf (&value[2 * i], "%02x", to_uchar (digest[i]));
res = make_string (value, 32);
}
else
@@ -4735,7 +4740,7 @@
{
char value[41];
for (i = 0; i < 20; i++)
- sprintf (&value[2 * i], "%02x", digest[i]);
+ sprintf (&value[2 * i], "%02x", to_uchar (digest[i]));
res = make_string (value, 40);
}
else
next prev parent reply other threads:[~2011-05-28 12:23 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-05-28 9:32 md5 broken? Antoine Levitt
2011-05-28 12:23 ` Jim Meyering [this message]
2011-05-28 12:28 ` Antoine Levitt
2011-05-28 12:51 ` Eli Zaretskii
2011-05-28 13:32 ` Jim Meyering
2011-05-28 14:10 ` Eli Zaretskii
2011-05-28 16:09 ` Paul Eggert
2011-05-28 16:55 ` Eli Zaretskii
2011-05-28 19:12 ` Paul Eggert
2011-05-28 19:35 ` Eli Zaretskii
2011-05-28 22:47 ` INLINE -> inline (was: md5 broken?) Paul Eggert
2011-05-29 4:51 ` Eli Zaretskii
2011-05-29 8:05 ` INLINE -> inline Jim Meyering
2011-05-30 2:47 ` md5 broken? Ken Raeburn
2011-05-30 5:31 ` Paul Eggert
2011-05-31 4:22 ` Ken Raeburn
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87zkm7t3n4.fsf@rho.meyering.net \
--to=jim@meyering.net \
--cc=antoine.levitt@gmail.com \
--cc=eggert@cs.ucla.edu \
--cc=emacs-devel@gnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this external index
https://git.savannah.gnu.org/cgit/emacs.git
https://git.savannah.gnu.org/cgit/emacs/org-mode.git
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.