author | miod <> | 2015-11-05 21:59:13 +0000 |
---|---|---|
committer | miod <> | 2015-11-05 21:59:13 +0000 |
commit | 5eaa2df7b39b83f1cc8f8b6fd00bbec5c469c3fd (patch) | |
tree | 1d90ae7090270b523f420eab6af6609f7e4cc1ee | |
parent | 529158aade71dea466403c41c9d21b066917b124 (diff) | |
Cast Td4[] values (which are uint8_t) to uint32_t before shifting them left by
24 bits; if we don't, Td4[] gets cast to signed int, and according to C>=99
6.5.7, signed int shifted by enough bits to cause the sign bit to be set
is UB.
Reported by Pascal Cuoq on behalf of the trust-in-soft.com mafia I am
{partial,slightly related} to.
-rw-r--r-- | src/lib/libcrypto/aes/aes_core.c | 10 | ||||
-rw-r--r-- | src/lib/libssl/src/crypto/aes/aes_core.c | 10 |
2 files changed, 10 insertions, 10 deletions
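--- a/src/lib/libcrypto/aes/aes_core.c
+++ b/src/lib/libcrypto/aes/aes_core.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: aes_core.c,v 1.12 2015/02/10 09:46:30 miod Exp $ */
+/* $OpenBSD: aes_core.c,v 1.13 2015/11/05 21:59:13 miod Exp $ */
 /**
 * rijndael-alg-fst.c
 *
@@ -1132,28 +1132,28 @@ AES_decrypt(const unsigned char *in, unsigned char *out, const AES_KEY *key)
 * map cipher state to byte array block:
 */
 s0 =
-(Td4[(t0 >> 24)] << 24) ^
+(((uint32_t)Td4[(t0 >> 24)]) << 24) ^
 (Td4[(t3 >> 16) & 0xff] << 16) ^
 (Td4[(t2 >> 8) & 0xff] << 8) ^
 (Td4[(t1) & 0xff]) ^
 rk[0];
 PUTU32(out, s0);
 s1 =
-(Td4[(t1 >> 24)] << 24) ^
+(((uint32_t)Td4[(t1 >> 24)]) << 24) ^
 (Td4[(t0 >> 16) & 0xff] << 16) ^
 (Td4[(t3 >> 8) & 0xff] << 8) ^
 (Td4[(t2) & 0xff]) ^
 rk[1];
 PUTU32(out + 4, s1);
 s2 =
-(Td4[(t2 >> 24)] << 24) ^
+(((uint32_t)Td4[(t2 >> 24)]) << 24) ^
 (Td4[(t1 >> 16) & 0xff] << 16) ^
 (Td4[(t0 >> 8) & 0xff] << 8) ^
 (Td4[(t3) & 0xff]) ^
 rk[2];
 PUTU32(out + 8, s2);
 s3 =
-(Td4[(t3 >> 24)] << 24) ^
+(((uint32_t)Td4[(t3 >> 24)]) << 24) ^
 (Td4[(t2 >> 16) & 0xff] << 16) ^
 (Td4[(t1 >> 8) & 0xff] << 8) ^
 (Td4[(t0) & 0xff]) ^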
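Review bot: Only the `<< 24` term of each of s0–s3 gets the `(uint32_t)` cast, so the `<< 16` and `<< 8` terms are still shifted as promoted `int` and remain defined only because `int` is at least 32 bits wide on the supported platforms. Casting every Td4[] term the same way, e.g. `(((uint32_t)Td4[(t3 >> 16) & 0xff]) << 16) ^`, would keep the whole expression in unsigned arithmetic and spare a reader from working out which shifts can reach the sign bit. If the narrow cast is kept, a short comment above `s0 =` such as `/* only the << 24 term can set the sign bit of a promoted int */` would record why the other terms were left alone. The section for src/lib/libssl/src/crypto/aes/aes_core.c is identical and the same applies there; the body of AES_decrypt starts before this hunk and runs past it (the `s3` expression is cut off), so any other shifts of byte-table values in the function are not visible here.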
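--- a/src/lib/libssl/src/crypto/aes/aes_core.c
+++ b/src/lib/libssl/src/crypto/aes/aes_core.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: aes_core.c,v 1.12 2015/02/10 09:46:30 miod Exp $ */
+/* $OpenBSD: aes_core.c,v 1.13 2015/11/05 21:59:13 miod Exp $ */
 /**
 * rijndael-alg-fst.c
 *
@@ -1132,28 +1132,28 @@ AES_decrypt(const unsigned char *in, unsigned char *out, const AES_KEY *key)
 * map cipher state to byte array block:
 */
 s0 =
-(Td4[(t0 >> 24)] << 24) ^
+(((uint32_t)Td4[(t0 >> 24)]) << 24) ^
 (Td4[(t3 >> 16) & 0xff] << 16) ^
 (Td4[(t2 >> 8) & 0xff] << 8) ^
 (Td4[(t1) & 0xff]) ^
 rk[0];
 PUTU32(out, s0);
 s1 =
-(Td4[(t1 >> 24)] << 24) ^
+(((uint32_t)Td4[(t1 >> 24)]) << 24) ^
 (Td4[(t0 >> 16) & 0xff] << 16) ^
 (Td4[(t3 >> 8) & 0xff] << 8) ^
 (Td4[(t2) & 0xff]) ^
 rk[1];
 PUTU32(out + 4, s1);
 s2 =
-(Td4[(t2 >> 24)] << 24) ^
+(((uint32_t)Td4[(t2 >> 24)]) << 24) ^
 (Td4[(t1 >> 16) & 0xff] << 16) ^
 (Td4[(t0 >> 8) & 0xff] << 8) ^
 (Td4[(t3) & 0xff]) ^
 rk[2];
 PUTU32(out + 8, s2);
 s3 =
-(Td4[(t3 >> 24)] << 24) ^
+(((uint32_t)Td4[(t3 >> 24)]) << 24) ^
 (Td4[(t2 >> 16) & 0xff] << 16) ^
 (Td4[(t1 >> 8) & 0xff] << 8) ^
 (Td4[(t0) & 0xff]) ^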