ARC: Make vfork weak in libc

[uclinux-h8/uClibc.git] / libcrypt / md5.c

diff --git a/libcrypt/md5.c b/libcrypt/md5.c
index 6706f92..1af11ed 100644 (file)
--- a/libcrypt/md5.c
+++ b/libcrypt/md5.c
@@ -95,8 +95,9 @@ static void   __md5_Final (unsigned char [16], struct MD5Context *);
 static void __md5_Transform __P((u_int32_t [4], const unsigned char [64]));
 
 
-static const unsigned char __md5__magic[] = "$1$";     /* This string is magic for this algorithm.  Having
-                                                  it this way, we can get better later on */
+#define MD5_MAGIC_STR "$1$"
+#define MD5_MAGIC_LEN (sizeof(MD5_MAGIC_STR) - 1)
+static const unsigned char __md5__magic[] = MD5_MAGIC_STR;
 static const unsigned char __md5_itoa64[] =            /* 0 ... 63 => ascii - 64 */
        "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
 
@@ -187,7 +188,7 @@ static void __md5_Init (struct MD5Context *context)
        context->state[3] = 0x10325476;
 }
 
-/* 
+/*
  * MD5 block update operation. Continues an MD5 message-digest
  * operation, processing another message block, and updating the
  * context.
@@ -530,11 +531,13 @@ static void __md5_to64( char *s, unsigned long v, int n)
 char *__md5_crypt(const unsigned char *pw, const unsigned char *salt)
 {
        /* Static stuff */
-       static const unsigned char *sp, *ep;
-       static char passwd[120], *p;
+       /* "$1$" + salt_up_to_8_chars + "$" + 22_bytes_of_hash + NUL */
+       static char passwd[3 + 8 + 1 + 22 + 1];
 
+       const unsigned char *sp, *ep;
+       char *p;
        unsigned char   final[17];      /* final[16] exists only to aid in looping */
-       int sl,pl,i,__md5__magic_len,pw_len;
+       int sl,pl,i,pw_len;
        struct MD5Context ctx,ctx1;
        unsigned long l;
 
@@ -542,9 +545,8 @@ char *__md5_crypt(const unsigned char *pw, const unsigned char *salt)
        sp = salt;
 
        /* If it starts with the magic string, then skip that */
-       __md5__magic_len = strlen(__md5__magic);
-       if(!strncmp(sp,__md5__magic,__md5__magic_len))
-               sp += __md5__magic_len;
+       if(!strncmp(sp,__md5__magic,MD5_MAGIC_LEN))
+               sp += MD5_MAGIC_LEN;
 
        /* It stops at the first '$', max 8 chars */
        for(ep=sp;*ep && *ep != '$' && ep < (sp+8);ep++)
@@ -560,7 +562,7 @@ char *__md5_crypt(const unsigned char *pw, const unsigned char *salt)
        __md5_Update(&ctx,pw,pw_len);
 
        /* Then our magic string */
-       __md5_Update(&ctx,__md5__magic,__md5__magic_len);
+       __md5_Update(&ctx,__md5__magic,MD5_MAGIC_LEN);
 
        /* Then the raw salt */
        __md5_Update(&ctx,sp,sl);
@@ -583,9 +585,9 @@ char *__md5_crypt(const unsigned char *pw, const unsigned char *salt)
        }
 
        /* Now make the output string */
-       strcpy(passwd,__md5__magic);
-       strncat(passwd,sp,sl);
-       strcat(passwd,"$");
+       strcpy(passwd,__md5__magic); /* 3 bytes */
+       strncpy(passwd+MD5_MAGIC_LEN,(char*)sp,sl); /* 8 or less */
+       passwd[MD5_MAGIC_LEN+sl] = '$';
 
        __md5_Final(final,&ctx);
 
@@ -614,15 +616,17 @@ char *__md5_crypt(const unsigned char *pw, const unsigned char *salt)
                __md5_Final(final,&ctx1);
        }
 
-       p = passwd + strlen(passwd);
-
+       /* Add 5*4+2 = 22 bytes of hash, + NUL byte. */
+       p = passwd + MD5_MAGIC_LEN + sl + 1;
        final[16] = final[5];
        for ( i=0 ; i < 5 ; i++ ) {
                l = (final[i]<<16) | (final[i+6]<<8) | final[i+12];
-               __md5_to64(p,l,4); p += 4;
+               __md5_to64(p,l,4);
+               p += 4;
        }
        l = final[11];
-       __md5_to64(p,l,2); p += 2;
+       __md5_to64(p,l,2);
+       p += 2;
        *p = '\0';
 
        /* Don't leave anything around in vm they could use. */