When using an union including a type known for having strong alignment

constraints, in order to force the union to have the same constraint, use the actual type instead of `double'. And add a comment explaining why we want such an alignment in there. ok beck@
author: miod <> 2016-11-08 21:25:01 +0000
committer: miod <> 2016-11-08 21:25:01 +0000
commit: 225a4b22cb848306a5f851162860ae2ef943de83 (patch)
tree: d5ca49e5015a8e290ce56a6948cae36e493424d2
parent: 741233cfaaedfc9709cf01e0bf3d9304cda9ed58 (diff)
download: openbsd-225a4b22cb848306a5f851162860ae2ef943de83.tar.gz
openbsd-225a4b22cb848306a5f851162860ae2ef943de83.tar.bz2
openbsd-225a4b22cb848306a5f851162860ae2ef943de83.zip
1 files changed, 15 insertions, 7 deletions
diff --git a/src/lib/libssl/s3_cbc.c b/src/lib/libssl/s3_cbc.c
index 42aa4b8d4d..f0bf5bc38b 100644
--- a/src/lib/libssl/s3_cbc.c
+++ b/src/lib/libssl/s3_cbc.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s3_cbc.c,v 1.13 2016/11/06 17:21:04 jsing Exp $ */
+/* $OpenBSD: s3_cbc.c,v 1.14 2016/11/08 21:25:01 miod Exp $ */
 /* ====================================================================
 * Copyright (c) 2012 The OpenSSL Project.  All rights reserved.
 *
@@ -303,7 +303,6 @@ tls1_sha1_final_raw(void* ctx, unsigned char *md_out)
        l2n(sha1->h3, md_out);
        l2n(sha1->h4, md_out);
 }
-#define LARGEST_DIGEST_CTX SHA_CTX
 static void
 tls1_sha256_final_raw(void* ctx, unsigned char *md_out)
@@ -315,8 +314,6 @@ tls1_sha256_final_raw(void* ctx, unsigned char *md_out)
                l2n(sha256->h[i], md_out);
        }
 }
-#undef  LARGEST_DIGEST_CTX
-#define LARGEST_DIGEST_CTX SHA256_CTX
 static void
 tls1_sha512_final_raw(void* ctx, unsigned char *md_out)
@@ -328,9 +325,13 @@ tls1_sha512_final_raw(void* ctx, unsigned char *md_out)
                l2n8(sha512->h[i], md_out);
        }
 }
-#undef  LARGEST_DIGEST_CTX
+/* Largest hash context ever used by the functions above. */
 #define LARGEST_DIGEST_CTX SHA512_CTX
+/* Type giving the alignment needed by the above */
+#define LARGEST_DIGEST_CTX_ALIGNMENT SHA_LONG64
 /* ssl3_cbc_record_digest_supported returns 1 iff |ctx| uses a hash function
 * which ssl3_cbc_digest_record supports. */
 char
@@ -366,7 +367,8 @@ ssl3_cbc_record_digest_supported(const EVP_MD_CTX *ctx)
 * On entry: by virtue of having been through one of the remove_padding
 * functions, above, we know that data_plus_mac_size is large enough to contain
 * a padding byte and MAC. (If the padding was invalid, it might contain the
- * padding too. ) */
+ * padding too. )
+ */
 int
 ssl3_cbc_digest_record(const EVP_MD_CTX *ctx, unsigned char* md_out,
    size_t* md_out_size, const unsigned char header[13],
@@ -374,7 +376,13 @@ ssl3_cbc_digest_record(const EVP_MD_CTX *ctx, unsigned char* md_out,
    size_t data_plus_mac_plus_padding_size, const unsigned char *mac_secret,
    unsigned mac_secret_length)
 {
-        union { double align;
+        union {
+                /*
+                 * Alignment here is to allow this to be cast as SHA512_CTX
+                 * without losing alignment required by the 64-bit SHA_LONG64
+                 * integer it contains.
+                 */
+                LARGEST_DIGEST_CTX_ALIGNMENT align;
                unsigned char c[sizeof(LARGEST_DIGEST_CTX)];
        } md_state;
        void (*md_final_raw)(void *ctx, unsigned char *md_out);
author	miod <>	2016-11-08 21:25:01 +0000
committer	miod <>	2016-11-08 21:25:01 +0000
commit	225a4b22cb848306a5f851162860ae2ef943de83 (patch)
tree	d5ca49e5015a8e290ce56a6948cae36e493424d2
parent	741233cfaaedfc9709cf01e0bf3d9304cda9ed58 (diff)
download	openbsd-225a4b22cb848306a5f851162860ae2ef943de83.tar.gz openbsd-225a4b22cb848306a5f851162860ae2ef943de83.tar.bz2 openbsd-225a4b22cb848306a5f851162860ae2ef943de83.zip

diff --git a/src/lib/libssl/s3_cbc.c b/src/lib/libssl/s3_cbc.c index 42aa4b8d4d..f0bf5bc38b 100644 --- a/src/lib/libssl/s3_cbc.c +++ b/src/lib/libssl/s3_cbc.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: s3_cbc.c,v 1.13 2016/11/06 17:21:04 jsing Exp $ */	1	/* $OpenBSD: s3_cbc.c,v 1.14 2016/11/08 21:25:01 miod Exp $ */
2	/* ====================================================================	2	/* ====================================================================
3	* Copyright (c) 2012 The OpenSSL Project. All rights reserved.	3	* Copyright (c) 2012 The OpenSSL Project. All rights reserved.
4	*	4	*
@@ -303,7 +303,6 @@ tls1_sha1_final_raw(void* ctx, unsigned char *md_out)
303	l2n(sha1->h3, md_out);	303	l2n(sha1->h3, md_out);
304	l2n(sha1->h4, md_out);	304	l2n(sha1->h4, md_out);
305	}	305	}
306	#define LARGEST_DIGEST_CTX SHA_CTX
307		306
308	static void	307	static void
309	tls1_sha256_final_raw(void* ctx, unsigned char *md_out)	308	tls1_sha256_final_raw(void* ctx, unsigned char *md_out)
@@ -315,8 +314,6 @@ tls1_sha256_final_raw(void* ctx, unsigned char *md_out)
315	l2n(sha256->h[i], md_out);	314	l2n(sha256->h[i], md_out);
316	}	315	}
317	}	316	}
318	#undef LARGEST_DIGEST_CTX
319	#define LARGEST_DIGEST_CTX SHA256_CTX
320		317
321	static void	318	static void
322	tls1_sha512_final_raw(void* ctx, unsigned char *md_out)	319	tls1_sha512_final_raw(void* ctx, unsigned char *md_out)
@@ -328,9 +325,13 @@ tls1_sha512_final_raw(void* ctx, unsigned char *md_out)
328	l2n8(sha512->h[i], md_out);	325	l2n8(sha512->h[i], md_out);
329	}	326	}
330	}	327	}
331	#undef LARGEST_DIGEST_CTX	328
		329	/* Largest hash context ever used by the functions above. */
332	#define LARGEST_DIGEST_CTX SHA512_CTX	330	#define LARGEST_DIGEST_CTX SHA512_CTX
333		331
		332	/* Type giving the alignment needed by the above */
		333	#define LARGEST_DIGEST_CTX_ALIGNMENT SHA_LONG64
		334
334	/* ssl3_cbc_record_digest_supported returns 1 iff \|ctx\| uses a hash function	335	/* ssl3_cbc_record_digest_supported returns 1 iff \|ctx\| uses a hash function
335	* which ssl3_cbc_digest_record supports. */	336	* which ssl3_cbc_digest_record supports. */
336	char	337	char
@@ -366,7 +367,8 @@ ssl3_cbc_record_digest_supported(const EVP_MD_CTX *ctx)
366	* On entry: by virtue of having been through one of the remove_padding	367	* On entry: by virtue of having been through one of the remove_padding
367	* functions, above, we know that data_plus_mac_size is large enough to contain	368	* functions, above, we know that data_plus_mac_size is large enough to contain
368	* a padding byte and MAC. (If the padding was invalid, it might contain the	369	* a padding byte and MAC. (If the padding was invalid, it might contain the
369	* padding too. ) */	370	* padding too. )
		371	*/
370	int	372	int
371	ssl3_cbc_digest_record(const EVP_MD_CTX ctx, unsigned char md_out,	373	ssl3_cbc_digest_record(const EVP_MD_CTX ctx, unsigned char md_out,
372	size_t* md_out_size, const unsigned char header[13],	374	size_t* md_out_size, const unsigned char header[13],
@@ -374,7 +376,13 @@ ssl3_cbc_digest_record(const EVP_MD_CTX ctx, unsigned char md_out,
374	size_t data_plus_mac_plus_padding_size, const unsigned char *mac_secret,	376	size_t data_plus_mac_plus_padding_size, const unsigned char *mac_secret,
375	unsigned mac_secret_length)	377	unsigned mac_secret_length)
376	{	378	{
377	union { double align;	379	union {
		380	/*
		381	* Alignment here is to allow this to be cast as SHA512_CTX
		382	* without losing alignment required by the 64-bit SHA_LONG64
		383	* integer it contains.
		384	*/
		385	LARGEST_DIGEST_CTX_ALIGNMENT align;
378	unsigned char c[sizeof(LARGEST_DIGEST_CTX)];	386	unsigned char c[sizeof(LARGEST_DIGEST_CTX)];
379	} md_state;	387	} md_state;
380	void (md_final_raw)(void ctx, unsigned char *md_out);	388	void (md_final_raw)(void ctx, unsigned char *md_out);