[PATCH 09/10] mceliece6688128f: update generation script to apply changes as patch set
Jussi Kivilinna
jussi.kivilinna at iki.fi
Tue Sep 30 08:30:14 CEST 2025
Hello,
On 27/09/2025 10:54, Jussi Kivilinna wrote:
> * cipher/mceliece6688128f-patches: New.
> * cipher/mceliece6688128f.sh: Apply patches from
> 'cipher/mceliece6688128f-patches/*'.
> --
I had to drop this commit with patch files as the git server rejects this with:
remote: cipher/mceliece6688128f-patches/0001-mceliece6688128f-fix-UBSAN-runtime-errors.patch:40: trailing whitespace.
remote: +
remote: cipher/mceliece6688128f-patches/0001-mceliece6688128f-fix-UBSAN-runtime-errors.patch:44: trailing whitespace.
remote: +
remote: cipher/mceliece6688128f-patches/0001-mceliece6688128f-fix-UBSAN-runtime-errors.patch:49: trailing whitespace.
remote: +
<...snip...>
remote: error: hook declined to update refs/heads/master
Should I anyway try to wrestle this change into the repo? These patch files could be packaged into tar.gz for example.
-Jussi
>
> Signed-off-by: Jussi Kivilinna <jussi.kivilinna at iki.fi>
> ---
> ...ece6688128f-fix-UBSAN-runtime-errors.patch | 135 +++++++++++++
> ...-harden-mask-generation-against-bran.patch | 179 ++++++++++++++++++
> ...-use-const-time-helper-for-memory-co.patch | 36 ++++
> ...-fix-stack-overflow-crash-on-win64-w.patch | 71 +++++++
> cipher/mceliece6688128f.sh | 19 ++
> 5 files changed, 440 insertions(+)
> create mode 100644 cipher/mceliece6688128f-patches/0001-mceliece6688128f-fix-UBSAN-runtime-errors.patch
> create mode 100644 cipher/mceliece6688128f-patches/0002-mceliece6688128f-harden-mask-generation-against-bran.patch
> create mode 100644 cipher/mceliece6688128f-patches/0003-mceliece6688128f-use-const-time-helper-for-memory-co.patch
> create mode 100644 cipher/mceliece6688128f-patches/0004-mceliece6688128f-fix-stack-overflow-crash-on-win64-w.patch
>
> diff --git a/cipher/mceliece6688128f-patches/0001-mceliece6688128f-fix-UBSAN-runtime-errors.patch b/cipher/mceliece6688128f-patches/0001-mceliece6688128f-fix-UBSAN-runtime-errors.patch
> new file mode 100644
> index 00000000..581da04c
> --- /dev/null
> +++ b/cipher/mceliece6688128f-patches/0001-mceliece6688128f-fix-UBSAN-runtime-errors.patch
> @@ -0,0 +1,135 @@
> +From a786e3b6bf8cdc29aaa209b6528cf9b455677e1a Mon Sep 17 00:00:00 2001
> +From: Jussi Kivilinna <jussi.kivilinna at iki.fi>
> +Date: Mon, 22 Sep 2025 08:34:50 +0300
> +Subject: [PATCH] mceliece6688128f: fix UBSAN runtime errors
> +
> +* cipher/mceliece6688128f.c (cbrecursion): Fix left shift of signed integer
> +by too many places, by casting to unsigned integer before shift.
> +(syndrome): Fix misaligned memory loads by using 'bufhelp.h'.
> +--
> +
> +There was multiple undefined behaviour sanitizer warnings with mceliece668128f
> +which have been fixed by this commit:
> +
> + $ tests/t-kem
> + ../../cipher/mceliece6688128f.c:1766:37: runtime error: left shift of 73010 by 16 places cannot be represented in type 'int'
> + ../../cipher/mceliece6688128f.c:1769:37: runtime error: left shift of 71034 by 16 places cannot be represented in type 'int'
> + ../../cipher/mceliece6688128f.c:1792:39: runtime error: left shift of 72996 by 16 places cannot be represented in type 'int'
> + ../../cipher/mceliece6688128f.c:1800:41: runtime error: left shift of 71344 by 16 places cannot be represented in type 'int'
> + ../../cipher/mceliece6688128f.c:1807:43: runtime error: left shift of 68334 by 16 places cannot be represented in type 'int'
> + ../../cipher/mceliece6688128f.c:1834:23: runtime error: left shift of 72247 by 16 places cannot be represented in type 'int'
> + ../../cipher/mceliece6688128f.c:1833:19: runtime error: left shift of 136871 by 16 places cannot be represented in type 'int'
> + ../../cipher/mceliece6688128f.c:1781:41: runtime error: left shift of 66551 by 20 places cannot be represented in type 'int'
> + ../../cipher/mceliece6688128f.c:2261:15: runtime error: load of misaligned address 0x7ffd13d3ad84 for type 'const uint64_t', which requires 8 byte alignment
> + 0x7ffd13d3ad84: note: pointer points here
> + d8 7f e7 3c 61 1d b1 60 68 9b ff 4e 95 da 54 31 4b ca b9 7f e2 3b 06 a5 51 e3 7f 74 14 99 81 44
> + ^
> +t-kem: 70 tests done
> +
> +Signed-off-by: Jussi Kivilinna <jussi.kivilinna at iki.fi>
> +---
> + cipher/mceliece6688128f.c | 27 ++++++++++++++-------------
> + 1 file changed, 14 insertions(+), 13 deletions(-)
> +
> +diff --git a/cipher/mceliece6688128f.c b/cipher/mceliece6688128f.c
> +index 6ad3eecb..ca1952b5 100644
> +--- a/cipher/mceliece6688128f.c
> ++++ b/cipher/mceliece6688128f.c
> +@@ -131,6 +131,7 @@
> + #endif
> +
> + #include "g10lib.h"
> ++#include "bufhelp.h"
> + #include "mceliece6688128f.h"
> +
> + static void
> +@@ -1763,10 +1764,10 @@ static void cbrecursion(unsigned char *out,long long pos,long long step,const in
> + }
> + /* B = (p<<16)+c */
> +
> +- for (x = 0;x < n;++x) A[x] = (A[x]<<16)|x; /* A = (pibar<<16)+id */
> ++ for (x = 0;x < n;++x) A[x] = ((u32)A[x]<<16)|x; /* A = (pibar<<16)+id */
> + int32_sort(A,n); /* A = (id<<16)+pibar^-1 */
> +
> +- for (x = 0;x < n;++x) A[x] = (A[x]<<16)+(B[x]>>16); /* A = (pibar^(-1)<<16)+pibar */
> ++ for (x = 0;x < n;++x) A[x] = ((u32)A[x]<<16)+(B[x]>>16); /* A = (pibar^(-1)<<16)+pibar */
> + int32_sort(A,n); /* A = (id<<16)+pibar^2 */
> +
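Review bot: In the embedded cbrecursion hunk, `((u32)A[x]<<16)|x` and `((u32)A[x]<<16)+(B[x]>>16)` remove the undefined signed left shift, but the unsigned result is stored straight back into A[x], which is then sorted as signed 32-bit by int32_sort; for results with bit 31 set that conversion back to a signed type is implementation-defined, so the commit message or a short comment should state that the wrap-around is relied on. The UBSAN log in the commit message also reports a shift by 20 places at line 1781 next to the shifts by 16, while the part of the hunk visible here covers only two shifts by 16, so it is worth confirming that site gets the same cast. On the push rejection: lines 40, 44 and 49 of the patch file are the empty context lines of this embedded diff, each consisting of a single space, so the whitespace check will flag any patch file stored this way; if the server hook honours the gitattributes `whitespace` setting the way `git diff --check` does, an exemption for cipher/mceliece6688128f-patches/ would avoid repackaging the patches.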