Fix typo in pg_srand48 (srand48 in older branches).

">" should be ">>".  This typo results in failure to use all of the bits
of the provided seed.

This might rise to the level of a security bug if we were relying on
srand48 for any security-critical purposes, but we are not --- in fact,
it's not used at all unless the platform lacks srandom(), which is
improbable.  Even on such a platform the exposure seems minimal.

Reported privately by Andres Freund.

diff --git a/src/port/rand.c b/src/port/rand.c
index b4631299e999a699ffbe6964850951eed8540804..317a3eaeccb4afb7d6d30c852b9deb5134782688 100644 (file)
--- a/src/port/rand.c
+++ b/src/port/rand.c
@@ -71,7 +71,7 @@ srand48(long seed)
 {
        _rand48_seed[0] = RAND48_SEED_0;
        _rand48_seed[1] = (unsigned short) seed;
-       _rand48_seed[2] = (unsigned short) (seed > 16);
+       _rand48_seed[2] = (unsigned short) (seed >> 16);
        _rand48_mult[0] = RAND48_MULT_0;
        _rand48_mult[1] = RAND48_MULT_1;
        _rand48_mult[2] = RAND48_MULT_2;