lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-07-29 11:41:15 +03:00
Code Activity

Fix misuse of signed ints in the HAVEGE module

Browse Source 
The elements of the HAVEGE state are manipulated with bitwise
operations, with the expectations that the elements are 32-bit
unsigned integers (or larger). But they are declared as int, and so
the code has undefined behavior. Clang with Asan correctly points out
some shifts that reach the sign bit.

Since these are supposed to be 32-bit unsigned integers, declare them
as uint32_t.

This is technically an API break, since the type mbedtls_havege_state
is exposed in a public header. However normal applications should not
be affected.
This commit is contained in:
Gilles Peskine
2019-06-07 16:38:28 +02:00
parent 86268e1d30
commit 7846299adb
2 changed files with 16 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
include/mbedtls/havege.h
View File

@ -31,6 +31,7 @@
#endif
#include <stddef.h>
#include <stdint.h>
#define MBEDTLS_HAVEGE_COLLECT_SIZE 1024
@ -43,9 +44,9 @@ extern "C" {
*/
typedef struct mbedtls_havege_state
{
int PT1, PT2, offset[2];
int pool[MBEDTLS_HAVEGE_COLLECT_SIZE];
int WALK[8192];
uint32_t PT1, PT2, offset[2];
uint32_t pool[MBEDTLS_HAVEGE_COLLECT_SIZE];
uint32_t WALK[8192];
}
mbedtls_havege_state;