X-Git-Url: https://git.distorted.org.uk/~mdw/sgt/puzzles/blobdiff_plain/2ef96bd6ebb0e89bc054d2edb1ef280c97faa955..50ff573008fcfcc1cf1e9c071d36f5c84e2684dc:/random.c

diff --git a/random.c b/random.c
index dad2c0e..664b11c 100644
--- a/random.c
+++ b/random.c
@@ -177,22 +177,22 @@ static void SHA_Final(SHA_State * s, unsigned char *output)
     c[0] = 0x80;
     SHA_Bytes(s, &c, pad);
 
-    c[0] = (lenhi >> 24) & 0xFF;
-    c[1] = (lenhi >> 16) & 0xFF;
-    c[2] = (lenhi >> 8) & 0xFF;
-    c[3] = (lenhi >> 0) & 0xFF;
-    c[4] = (lenlo >> 24) & 0xFF;
-    c[5] = (lenlo >> 16) & 0xFF;
-    c[6] = (lenlo >> 8) & 0xFF;
-    c[7] = (lenlo >> 0) & 0xFF;
+    c[0] = (unsigned char)((lenhi >> 24) & 0xFF);
+    c[1] = (unsigned char)((lenhi >> 16) & 0xFF);
+    c[2] = (unsigned char)((lenhi >> 8) & 0xFF);
+    c[3] = (unsigned char)((lenhi >> 0) & 0xFF);
+    c[4] = (unsigned char)((lenlo >> 24) & 0xFF);
+    c[5] = (unsigned char)((lenlo >> 16) & 0xFF);
+    c[6] = (unsigned char)((lenlo >> 8) & 0xFF);
+    c[7] = (unsigned char)((lenlo >> 0) & 0xFF);
 
     SHA_Bytes(s, &c, 8);
 
     for (i = 0; i < 5; i++) {
-	output[i * 4] = (s->h[i] >> 24) & 0xFF;
-	output[i * 4 + 1] = (s->h[i] >> 16) & 0xFF;
-	output[i * 4 + 2] = (s->h[i] >> 8) & 0xFF;
-	output[i * 4 + 3] = (s->h[i]) & 0xFF;
+	output[i * 4] = (unsigned char)((s->h[i] >> 24) & 0xFF);
+	output[i * 4 + 1] = (unsigned char)((s->h[i] >> 16) & 0xFF);
+	output[i * 4 + 2] = (unsigned char)((s->h[i] >> 8) & 0xFF);
+	output[i * 4 + 3] = (unsigned char)((s->h[i]) & 0xFF);
     }
 }
 
@@ -231,7 +231,7 @@ random_state *random_init(char *seed, int len)
 
 unsigned long random_bits(random_state *state, int bits)
 {
-    int ret = 0;
+    unsigned long ret = 0;
     int n;
 
     for (n = 0; n < bits; n += 8) {
@@ -251,7 +251,13 @@ unsigned long random_bits(random_state *state, int bits)
 	ret = (ret << 8) | state->databuf[state->pos++];
     }
 
-    ret &= (1 << bits) - 1;
+    /*
+     * `(1 << bits) - 1' is not good enough, since if bits==32 on a
+     * 32-bit machine, behaviour is undefined and Intel has a nasty
+     * habit of shifting left by zero instead. We'll shift by
+     * bits-1 and then separately shift by one.
+     */
+    ret &= (1 << (bits-1)) * 2 - 1;
     return ret;
 }