[src/trunk]: src/lib/libcrypt libcrypt: Fix a floating point exception when a...

[nia <nia%NetBSD.org@localhost>]

details:   https://anonhg.NetBSD.org/src/rev/cbc32d6a7a9c
branches:  trunk
changeset: 990506:cbc32d6a7a9c
user:      nia <nia%NetBSD.org@localhost>
date:      Fri Oct 29 13:22:08 2021 +0000

description:
libcrypt: Fix a floating point exception when a low number of HMAC-SHA1
iterations are specified.

diffstat:

 lib/libcrypt/crypt-sha1.c |  17 ++++-------------
 1 files changed, 4 insertions(+), 13 deletions(-)

diffs (45 lines):

diff -r 07849beecae5 -r cbc32d6a7a9c lib/libcrypt/crypt-sha1.c
--- a/lib/libcrypt/crypt-sha1.c Fri Oct 29 11:45:39 2021 +0000
+++ b/lib/libcrypt/crypt-sha1.c Fri Oct 29 13:22:08 2021 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: crypt-sha1.c,v 1.9 2021/10/16 10:53:33 nia Exp $ */
+/* $NetBSD: crypt-sha1.c,v 1.10 2021/10/29 13:22:08 nia Exp $ */
 
 /*
  * Copyright (c) 2004, Juniper Networks, Inc.
@@ -31,7 +31,7 @@
 
 #include <sys/cdefs.h>
 #if !defined(lint)
-__RCSID("$NetBSD: crypt-sha1.c,v 1.9 2021/10/16 10:53:33 nia Exp $");
+__RCSID("$NetBSD: crypt-sha1.c,v 1.10 2021/10/29 13:22:08 nia Exp $");
 #endif /* not lint */
 
 #include <stdlib.h>
@@ -71,24 +71,15 @@
 crypt_private unsigned int
 __crypt_sha1_iterations (unsigned int hint)
 {
-    static int once = 1;
-
     /*
      * We treat CRYPT_SHA1_ITERATIONS as a hint.
      * Make it harder for someone to pre-compute hashes for a
      * dictionary attack by not using the same iteration count for
      * every entry.
      */
-
-    if (once) {
-       int pid = getpid();
-       
-       srandom(time(NULL) ^ (pid * pid));
-       once = 0;
-    }
-    if (hint == 0)
+    if (hint < 4)
        hint = CRYPT_SHA1_ITERATIONS;
-    return hint - (random() % (hint / 4));
+    return hint - arc4random_uniform(hint / 4);
 }
 
 /*