[PATCH 4/6] Fix undefined behavior wrt memcpy
NIIBE Yutaka
gniibe at fsij.org
Thu Jul 16 06:26:33 CEST 2015
Hello, Jussi,
Last week, following patch was submitted to gcrypt-devel. Since it's
the code you wrote, I write to you.
I think that memcpy can be called with 0 length, but pointers should
be valid one (not NULL), even though most implementations works well.
So, it is worth to consider the patch for the correctness of the code.
On 07/10/2015 12:11 AM, Peter Wu wrote:
> * cipher/cipher-gcm.c: Do not copy zero bytes from an empty buffer. Let
> the function continue to add padding as needed though.
> * cipher/mac-poly1305.c: If the caller requested to finish the hash
> function without a copy of the result, return immediately.
> --
> Caught by UndefinedBehaviorSanitizer.
>
> Signed-off-by: Peter Wu <peter at lekensteyn.nl>
> ---
> cipher/cipher-gcm.c | 2 +-
> cipher/mac-poly1305.c | 3 +++
> 2 files changed, 4 insertions(+), 1 deletion(-)
>
> diff --git a/cipher/cipher-gcm.c b/cipher/cipher-gcm.c
> index 6b13fc5..3711a1d 100644
> --- a/cipher/cipher-gcm.c
> +++ b/cipher/cipher-gcm.c
> @@ -474,7 +474,7 @@ do_ghash_buf(gcry_cipher_hd_t c, byte *hash, const byte *buf,
>
> do
> {
> - if (buflen + unused < blocksize || unused > 0)
> + if (buflen > 0 && (buflen + unused < blocksize || unused > 0))
> {
> n = blocksize - unused;
> n = n < buflen ? n : buflen;
> diff --git a/cipher/mac-poly1305.c b/cipher/mac-poly1305.c
> index 76b369a..b80f87d 100644
> --- a/cipher/mac-poly1305.c
> +++ b/cipher/mac-poly1305.c
> @@ -260,6 +260,9 @@ poly1305mac_read (gcry_mac_hd_t h, unsigned char *outbuf, size_t *outlen)
> mac_ctx->marks.tag = 1;
> }
>
> + if (*outlen == 0)
> + return 0;
> +
> if (*outlen <= POLY1305_TAGLEN)
> buf_cpy (outbuf, mac_ctx->tag, *outlen);
> else
>
More information about the Gcrypt-devel
mailing list