safe_add in md5.js (signed vs unsigned int)

Question

safe_add in md5.js (signed vs unsigned int)

eugmoon opened this issue 10 years ago · 4 comments

I wasn't satisfied with the results of the safe_add function, seeing how 0x7FFFF + 1 resulted in -0x80000 for me.
Changing line 33 to:
return ((msw << 16) | (lsw & 0xFFFF)) >>> 0;
results in 0x7FFFF + 1 returning 0x80000 instead.

blueimp commented 10 years ago

Thanks!

Answer 1 · 2014-04-01T16:41:51.000Z

On which platform did you encounter this issue?
Could you provide a failing test case?
The safe_add function might not event be required anymore, as it was apparently written for older JS engines.
You might want to contact the original author of the MD5 implementation, who is credited here:
https://github.com/blueimp/JavaScript-MD5/blob/master/js/md5.js#L14

Answer 2 · 2014-04-01T18:06:45.000Z

I encountered this in both Internet Explorer 9 and the most recent version of Firefox (28.0) running on Windows Vista (32-bit).

I was wrong in my initial issue report. I was testing it by outputting to console.log:

console.log((safe_add(0x7fffffff, 0x0001)).toString(16));
outputs -0x8000000

console.log((safe_add(0x80000001, -0x0001)).toString(16));
also outputs -0x8000000

I will contact them and see what they say.

Thanks!

Answer 3 · 2014-04-03T17:54:31.000Z

I got in touch with Paul Johnston and, according to him, this function was designed to only operate on 16-bit numbers. So the hashing functions were also designed to operate on only 16-bits at a time. So my concerns are unnecessary, and I guess this issue can be closed.