Browse Source

Cast bitcount to u_in64_t before bit shifting to prevent integer overflow

on 32bit platforms which cause incorrect results when adding a block
>=512M in size.  sha1 patch from ante84 at gmail.com via openssh github,
sha2 with djm@, ok tedu@
OPENBSD_6_6
dtucker 5 years ago
parent
commit
340e9dca9e
2 changed files with 5 additions and 5 deletions
  1. +2
    -2
      src/lib/libc/hash/sha1.c
  2. +3
    -3
      src/lib/libc/hash/sha2.c

+ 2
- 2
src/lib/libc/hash/sha1.c View File

@ -1,4 +1,4 @@
/* $OpenBSD: sha1.c,v 1.26 2015/09/11 09:18:27 guenther Exp $ */
/* $OpenBSD: sha1.c,v 1.27 2019/06/07 22:56:36 dtucker Exp $ */
/*
* SHA-1 in C
@ -128,7 +128,7 @@ SHA1Update(SHA1_CTX *context, const u_int8_t *data, size_t len)
size_t i, j;
j = (size_t)((context->count >> 3) & 63);
context->count += (len << 3);
context->count += ((u_int64_t)len << 3);
if ((j + len) > 63) {
(void)memcpy(&context->buffer[j], data, (i = 64-j));
SHA1Transform(context->state, context->buffer);


+ 3
- 3
src/lib/libc/hash/sha2.c View File

@ -1,4 +1,4 @@
/* $OpenBSD: sha2.c,v 1.26 2017/05/27 15:32:51 naddy Exp $ */
/* $OpenBSD: sha2.c,v 1.27 2019/06/07 22:56:36 dtucker Exp $ */
/*
* FILE: sha2.c
@ -510,7 +510,7 @@ DEF_WEAK(SHA256Transform);
void
SHA256Update(SHA2_CTX *context, const u_int8_t *data, size_t len)
{
size_t freespace, usedspace;
u_int64_t freespace, usedspace;
/* Calling with no data is valid (we do nothing) */
if (len == 0)
@ -531,7 +531,7 @@ SHA256Update(SHA2_CTX *context, const u_int8_t *data, size_t len)
} else {
/* The buffer is not yet full */
memcpy(&context->buffer[usedspace], data, len);
context->bitcount[0] += len << 3;
context->bitcount[0] += (u_int64_t)len << 3;
/* Clean up: */
usedspace = freespace = 0;
return;


Loading…
Cancel
Save