From 340e9dca9ea7892055dd8b1743f0923cece726cb Mon Sep 17 00:00:00 2001 From: dtucker <> Date: Fri, 7 Jun 2019 22:56:36 +0000 Subject: [PATCH] Cast bitcount to u_in64_t before bit shifting to prevent integer overflow on 32bit platforms which cause incorrect results when adding a block >=512M in size. sha1 patch from ante84 at gmail.com via openssh github, sha2 with djm@, ok tedu@ --- src/lib/libc/hash/sha1.c | 4 ++-- src/lib/libc/hash/sha2.c | 6 +++--- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/src/lib/libc/hash/sha1.c b/src/lib/libc/hash/sha1.c index 4a6cc325..81887e3e 100644 --- a/src/lib/libc/hash/sha1.c +++ b/src/lib/libc/hash/sha1.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sha1.c,v 1.26 2015/09/11 09:18:27 guenther Exp $ */ +/* $OpenBSD: sha1.c,v 1.27 2019/06/07 22:56:36 dtucker Exp $ */ /* * SHA-1 in C @@ -128,7 +128,7 @@ SHA1Update(SHA1_CTX *context, const u_int8_t *data, size_t len) size_t i, j; j = (size_t)((context->count >> 3) & 63); - context->count += (len << 3); + context->count += ((u_int64_t)len << 3); if ((j + len) > 63) { (void)memcpy(&context->buffer[j], data, (i = 64-j)); SHA1Transform(context->state, context->buffer); diff --git a/src/lib/libc/hash/sha2.c b/src/lib/libc/hash/sha2.c index 80fa50aa..f16cf9cd 100644 --- a/src/lib/libc/hash/sha2.c +++ b/src/lib/libc/hash/sha2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sha2.c,v 1.26 2017/05/27 15:32:51 naddy Exp $ */ +/* $OpenBSD: sha2.c,v 1.27 2019/06/07 22:56:36 dtucker Exp $ */ /* * FILE: sha2.c @@ -510,7 +510,7 @@ DEF_WEAK(SHA256Transform); void SHA256Update(SHA2_CTX *context, const u_int8_t *data, size_t len) { - size_t freespace, usedspace; + u_int64_t freespace, usedspace; /* Calling with no data is valid (we do nothing) */ if (len == 0) @@ -531,7 +531,7 @@ SHA256Update(SHA2_CTX *context, const u_int8_t *data, size_t len) } else { /* The buffer is not yet full */ memcpy(&context->buffer[usedspace], data, len); - context->bitcount[0] += len << 3; + context->bitcount[0] += (u_int64_t)len << 3; /* Clean up: */ usedspace = freespace = 0; return;