From: Rusty Russell <rusty@rustcorp.com.au>
To: David Gibson <david@gibson.dropbear.id.au>, ccan@lists.ozlabs.org
Cc: rusty@rustcorp/com.au
Subject: Re: [PATCH 4/7] crypto/hmac_sha256: Remove undefined memset()
Date: Tue, 04 Apr 2017 11:52:39 +0930 [thread overview]
Message-ID: <87wpb0di8g.fsf@rustcorp.com.au> (raw)
In-Reply-To: <20170403111112.27201-5-david@gibson.dropbear.id.au>
David Gibson <david@gibson.dropbear.id.au> writes:
> A memset() with a zero length argument isn't well defined. It *might* be
> a no-op, but then it might not. So, test for this case in
> hmac_sha256_init().
Huh? That seems really odd.
Rusty.
> Found by Coverity.
>
> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
> ---
> ccan/crypto/hmac_sha256/hmac_sha256.c | 4 +++-
> 1 file changed, 3 insertions(+), 1 deletion(-)
>
> diff --git a/ccan/crypto/hmac_sha256/hmac_sha256.c b/ccan/crypto/hmac_sha256/hmac_sha256.c
> index 0392afe..70ca3b2 100644
> --- a/ccan/crypto/hmac_sha256/hmac_sha256.c
> +++ b/ccan/crypto/hmac_sha256/hmac_sha256.c
> @@ -36,7 +36,9 @@ void hmac_sha256_init(struct hmac_sha256_ctx *ctx,
> * appended with 44 zero bytes 0x00)
> */
> memcpy(k_ipad, k, ksize);
> - memset((char *)k_ipad + ksize, 0, HMAC_SHA256_BLOCKSIZE - ksize);
> + if (ksize < HMAC_SHA256_BLOCKSIZE)
> + memset((char *)k_ipad + ksize, 0,
> + HMAC_SHA256_BLOCKSIZE - ksize);
>
> /*
> * (2) XOR (bitwise exclusive-OR) the B byte string computed
> --
> 2.9.3
>
> _______________________________________________
> ccan mailing list
> ccan@lists.ozlabs.org
> https://lists.ozlabs.org/listinfo/ccan
_______________________________________________
ccan mailing list
ccan@lists.ozlabs.org
https://lists.ozlabs.org/listinfo/ccan
next prev parent reply other threads:[~2017-04-05 2:28 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-04-03 11:11 [PATCH 0/7] Coverity David Gibson
2017-04-03 11:11 ` [PATCH 1/7] .travis.yml: Add support for Coverity Scan David Gibson
2017-04-03 12:14 ` David Gibson
2017-04-03 11:11 ` [PATCH 2/7] failtest: Remove memory leak David Gibson
2017-04-03 11:11 ` [PATCH 3/7] tools: Remove fd leak David Gibson
2017-04-03 11:11 ` [PATCH 4/7] crypto/hmac_sha256: Remove undefined memset() David Gibson
2017-04-04 2:22 ` Rusty Russell [this message]
2017-04-05 12:23 ` David Gibson
2017-04-12 23:56 ` Rusty Russell
2017-04-18 4:22 ` Timothy B. Terriberry
2017-04-24 2:30 ` Rusty Russell
2017-04-03 11:11 ` [PATCH 5/7] crypto/ripemd160: Correct badly sized union member David Gibson
2017-04-03 11:11 ` [PATCH 6/7] ccanlint: Fix leak in do_reduce_features() David Gibson
2017-04-03 11:11 ` [PATCH 7/7] net: Add check for failure of setsockopt() David Gibson
2017-04-04 2:23 ` Rusty Russell
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87wpb0di8g.fsf@rustcorp.com.au \
--to=rusty@rustcorp.com.au \
--cc=ccan@lists.ozlabs.org \
--cc=david@gibson.dropbear.id.au \
--cc=rusty@rustcorp/com.au \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.