[PATCH 4/6] Fix undefined behavior wrt memcpy

NIIBE Yutaka gniibe at fsij.org
Thu Jul 16 06:26:33 CEST 2015


Hello, Jussi,

Last week, the following patch was submitted to gcrypt-devel.  Since it's
the code you wrote, I write to you.

I think that memcpy can be called with 0 length, but pointers should
be valid ones (not NULL), even though most implementations work well.
So, it is worth considering the patch for the correctness of the code.

On 07/10/2015 12:11 AM, Peter Wu wrote:
> * cipher/cipher-gcm.c: Do not copy zero bytes from an empty buffer. Let
>   the function continue to add padding as needed though.
> * cipher/mac-poly1305.c: If the caller requested to finish the hash
>   function without a copy of the result, return immediately.
> --
> Caught by UndefinedBehaviorSanitizer.
> 
> Signed-off-by: Peter Wu <peter at lekensteyn.nl>
> ---
>  cipher/cipher-gcm.c   | 2 +-
>  cipher/mac-poly1305.c | 3 +++
>  2 files changed, 4 insertions(+), 1 deletion(-)
> 
> diff --git a/cipher/cipher-gcm.c b/cipher/cipher-gcm.c
> index 6b13fc5..3711a1d 100644
> --- a/cipher/cipher-gcm.c
> +++ b/cipher/cipher-gcm.c
> @@ -474,7 +474,7 @@ do_ghash_buf(gcry_cipher_hd_t c, byte *hash, const byte *buf,
>  
>    do
>      {
> -      if (buflen + unused < blocksize || unused > 0)
> +      if (buflen > 0 && (buflen + unused < blocksize || unused > 0))
>          {
>            n = blocksize - unused;
>            n = n < buflen ? n : buflen;
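Review bot: the new `buflen > 0` guard skips the whole partial-block branch, not only the copy, so when `buflen == 0` and `unused > 0` (a finalising call with bytes still pending) control now falls to the other branch of this `if`, which the hunk does not show; please confirm that path pads and hashes the pending `unused` bytes as the commit message promises, or widen the context so the reviewer can see it. A one-line comment above the condition noting that `n = n < buflen ? n : buflen` becomes 0 here and the copy that follows would then be called on an empty source would spare the next reader a trip back to the UBSan report.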
> diff --git a/cipher/mac-poly1305.c b/cipher/mac-poly1305.c
> index 76b369a..b80f87d 100644
> --- a/cipher/mac-poly1305.c
> +++ b/cipher/mac-poly1305.c
> @@ -260,6 +260,9 @@ poly1305mac_read (gcry_mac_hd_t h, unsigned char *outbuf, size_t *outlen)
>        mac_ctx->marks.tag = 1;
>      }
>  
> +  if (*outlen == 0)
> +    return 0;
> +
>    if (*outlen <= POLY1305_TAGLEN)
>      buf_cpy (outbuf, mac_ctx->tag, *outlen);
>    else
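Review bot: the early `return 0` sits after `mac_ctx->marks.tag = 1`, so the tag is still finalised on a zero-length read, which is the right order, but the hunk does not show the function's return convention; please confirm 0 is the success value the later return paths use, since the original `*outlen <= POLY1305_TAGLEN` branch with `*outlen == 0` copied nothing and fell through to whatever that return is. A short comment stating that a zero-length read means "finish without copying" and that `outbuf` may then be NULL would document the contract this check introduces.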
> 
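As an added example (not libgcrypt code and not part of Peter's patch) of the rule the thread relies on: memcpy requires valid pointers even when the length is 0 (C11 7.24.1p2), so a partial-block accumulator in the style of do_ghash_buf must not reach memcpy on an empty update. The names block_acc, acc_absorb and acc_finish are hypothetical, and the input bytes are constructed for the demonstration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define BLOCKSIZE 16

/* Hypothetical accumulator mirroring the unused/buflen arithmetic of do_ghash_buf. */
typedef struct {
  uint8_t block[BLOCKSIZE];  /* bytes waiting until a full block is available */
  size_t unused;             /* how many bytes of block[] are filled */
  size_t blocks_done;        /* full blocks consumed (stand-in for the GHASH step) */
} block_acc;

static void acc_init(block_acc *a) { memset(a, 0, sizeof *a); }

/* Consume one full block; here we only count it. */
static void acc_process_block(block_acc *a) { a->blocks_done++; a->unused = 0; }

/* Absorb buflen bytes. The loop condition is the guard: with buflen == 0 the
 * copy length would be 0 and buf may be NULL, which memcpy is not allowed to see. */
static void acc_absorb(block_acc *a, const uint8_t *buf, size_t buflen)
{
  while (buflen > 0) {
    size_t n = BLOCKSIZE - a->unused;   /* room left in the pending block */
    if (n > buflen) n = buflen;         /* same min() as the patched code */
    memcpy(a->block + a->unused, buf, n);
    a->unused += n; buf += n; buflen -= n;
    if (a->unused == BLOCKSIZE) acc_process_block(a);
  }
}

/* Finalise: zero-pad a pending partial block and process it, return block count. */
static size_t acc_finish(block_acc *a)
{
  if (a->unused > 0) {
    memset(a->block + a->unused, 0, BLOCKSIZE - a->unused);
    acc_process_block(a);
  }
  return a->blocks_done;
}

/* Constructed run: 37 bytes delivered in pieces, with two empty updates mixed in. */
static size_t demo(void)
{
  block_acc a; acc_init(&a);
  static const uint8_t data[37] = { 1, 2, 3 };
  acc_absorb(&a, NULL, 0);        /* empty update with NULL: never reaches memcpy */
  acc_absorb(&a, data, 20);       /* one full block, 4 bytes pending */
  acc_absorb(&a, data + 20, 17);  /* completes the second block, 5 pending */
  acc_absorb(&a, data, 0);        /* another empty update */
  return acc_finish(&a);          /* 37 bytes give 3 blocks after padding */
}
```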