From df8328c3a187295b82d357f107dbe12d2c0603ba Mon Sep 17 00:00:00 2001
From: Tim Cava <tcava@users.sourceforge.net>
Date: Sun, 16 Jun 2013 14:40:52 +0000
Subject: [PATCH] Fix out-of-bounds error in cryptit() found by Coverity.

git-svn-id: svn://svn.code.sf.net/p/bitchx/code/trunk@240 13b04d17-f746-0410-82c6-800466cd88b0
---
 Changelog       | 2 ++
 source/ircaux.c | 4 ++--
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/Changelog b/Changelog
index d3fbac1..c140191 100644
--- a/Changelog
+++ b/Changelog
@@ -1,5 +1,7 @@
 [Changes 1.2c01]
 
+* Fix out-of-bounds error in cryptit() found by Coverity. (flashback)
+
 * Cleanup save_formats(). (caf)
 
 * Fix off-by-one error in add_socketread() and set_socketwrite() found
diff --git a/source/ircaux.c b/source/ircaux.c
index e725884..17f2230 100644
--- a/source/ircaux.c
+++ b/source/ircaux.c
@@ -2826,8 +2826,8 @@ static char saltChars[] =
 	"abcdefghijklmnopqrstuvwxyzABCDEFGHJIKLMNOPQRSTUVWXYZ./";
 char *cpass = (char *)string;
 char salt[3];
-	salt[0] = saltChars[random_number(0) % 64];
-	salt[1] = saltChars[random_number(0) % 64];
+	salt[0] = saltChars[random_number(0) % sizeof(saltChars)];
+	salt[1] = saltChars[random_number(0) % sizeof(saltChars)];
 	salt[2] = 0;
 #if !defined(WINNT)
 	cpass = crypt(string, salt);