[PATCH 4/6] Fix undefined behavior wrt memcpy
gniibe at fsij.org
Thu Jul 16 06:26:33 CEST 2015
Last week, following patch was submitted to gcrypt-devel. Since it's
the code you wrote, I write to you.
I think that memcpy can be called with 0 length, but pointers should
be valid one (not NULL), even though most implementations works well.
So, it is worth to consider the patch for the correctness of the code.
On 07/10/2015 12:11 AM, Peter Wu wrote:
> * cipher/cipher-gcm.c: Do not copy zero bytes from an empty buffer. Let
> the function continue to add padding as needed though.
> * cipher/mac-poly1305.c: If the caller requested to finish the hash
> function without a copy of the result, return immediately.
> Caught by UndefinedBehaviorSanitizer.
> Signed-off-by: Peter Wu <peter at lekensteyn.nl>
> cipher/cipher-gcm.c | 2 +-
> cipher/mac-poly1305.c | 3 +++
> 2 files changed, 4 insertions(+), 1 deletion(-)
> diff --git a/cipher/cipher-gcm.c b/cipher/cipher-gcm.c
> index 6b13fc5..3711a1d 100644
> --- a/cipher/cipher-gcm.c
> +++ b/cipher/cipher-gcm.c
> @@ -474,7 +474,7 @@ do_ghash_buf(gcry_cipher_hd_t c, byte *hash, const byte *buf,
> - if (buflen + unused < blocksize || unused > 0)
> + if (buflen > 0 && (buflen + unused < blocksize || unused > 0))
> n = blocksize - unused;
> n = n < buflen ? n : buflen;
> diff --git a/cipher/mac-poly1305.c b/cipher/mac-poly1305.c
> index 76b369a..b80f87d 100644
> --- a/cipher/mac-poly1305.c
> +++ b/cipher/mac-poly1305.c
> @@ -260,6 +260,9 @@ poly1305mac_read (gcry_mac_hd_t h, unsigned char *outbuf, size_t *outlen)
> mac_ctx->marks.tag = 1;
> + if (*outlen == 0)
> + return 0;
> if (*outlen <= POLY1305_TAGLEN)
> buf_cpy (outbuf, mac_ctx->tag, *outlen);
More information about the Gcrypt-devel