Uninteded Variable Length Array in ec-nist.c
NIIBE Yutaka
gniibe at fsij.org
Fri Sep 30 10:14:16 CEST 2022
Thank you for your quick response.
Jussi Kivilinna <jussi.kivilinna at iki.fi> wrote:
> How about instead define arrays with wanted size and define 'wsize' with
> sizeof the array. This would avoid having macros. For example like this:
>
> index 69b05a6d..0de41e48 100644
> --- a/mpi/ec-nist.c
> +++ b/mpi/ec-nist.c
> @@ -94,9 +94,9 @@ _gcry_mpi_ec_nist192_mod (gcry_mpi_t w, mpi_ec_t ctx)
> };
> const mpi_limb64_t zero = LIMB_TO64(0);
> mpi_ptr_t wp;
> - mpi_size_t wsize = 192 / BITS_PER_MPI_LIMB64;
> - mpi_limb64_t s[wsize + 1];
> - mpi_limb64_t o[wsize + 1];
> + mpi_limb64_t s[192 / BITS_PER_MPI_LIMB64 + 1];
> + mpi_limb64_t o[sizeof(s)];
> + const mpi_size_t wsize = DIM(s) - 1;
> mpi_limb_t mask1;
> mpi_limb_t mask2;
> mpi_limb_t s_is_negative;
Looks nice with no macro definition. I like it.
> If we want to, we can get rid of VLA in __gcry_burn_stack too.
I think that __gcry_burn_stack is OK with VLA, because it's quite
special use case and !HAVE_VLA version is available.
--
More information about the Gcrypt-devel
mailing list