patch by Jens Gustedt. this fixes a bug reported by Nadav Har'El. the
underlying issue was that a left-shift by 16 bits after promotion of
unsigned short to int caused integer overflow. while some compilers
define this overflow case as "shifting into the sign bit", doing so
doesn't help; the sign bit then gets extended through the upper bits
in subsequent arithmetic as unsigned long long. this patch imposes a
promotion to unsigned prior to the shift, so that the result is
well-defined and matches the specified behavior.
(cherry picked from commit
05cef96d9e63a00b319f88343cf9869c8e612843)
uint64_t __rand48_step(unsigned short *xi, unsigned short *lc)
{
uint64_t a, x;
- x = xi[0] | xi[1]<<16 | xi[2]+0ULL<<32;
- a = lc[0] | lc[1]<<16 | lc[2]+0ULL<<32;
+ x = xi[0] | xi[1]+0U<<16 | xi[2]+0ULL<<32;
+ a = lc[0] | lc[1]+0U<<16 | lc[2]+0ULL<<32;
x = a*x + lc[3];
xi[0] = x;
xi[1] = x>>16;