diff options
author | Kurt Roeckx <kurt@roeckx.be> | 2017-02-21 22:20:34 +0100 |
---|---|---|
committer | Kurt Roeckx <kurt@roeckx.be> | 2017-03-19 14:33:54 +0100 |
commit | 497910833e6992b4b8645900f2086a56f5557424 (patch) | |
tree | 84f501d094ee321cfebcf0a333df1b1a4c879552 /crypto/cryptlib.c | |
parent | 39176d44248ed5581ecd1e05bb9385e28a3d803b (diff) | |
download | openssl-497910833e6992b4b8645900f2086a56f5557424.zip openssl-497910833e6992b4b8645900f2086a56f5557424.tar.gz openssl-497910833e6992b4b8645900f2086a56f5557424.tar.bz2 |
Make the CRYPTO_memcmp() prototype match memcmp()
Reviewed-by: Andy Polyakov <appro@openssl.org>
GH: #2633
Diffstat (limited to 'crypto/cryptlib.c')
-rw-r--r-- | crypto/cryptlib.c | 27 |
1 files changed, 8 insertions, 19 deletions
diff --git a/crypto/cryptlib.c b/crypto/cryptlib.c index b022365..71a5c35 100644 --- a/crypto/cryptlib.c +++ b/crypto/cryptlib.c @@ -313,26 +313,15 @@ void OPENSSL_die(const char *message, const char *file, int line) } #if !defined(OPENSSL_CPUID_OBJ) -/* volatile unsigned char* pointers are there because - * 1. Accessing a variable declared volatile via a pointer - * that lacks a volatile qualifier causes undefined behavior. - * 2. When the variable itself is not volatile the compiler is - * not required to keep all those reads and can convert - * this into canonical memcmp() which doesn't read the whole block. - * Pointers to volatile resolve the first problem fully. The second - * problem cannot be resolved in any Standard-compliant way but this - * works the problem around. Compilers typically react to - * pointers to volatile by preserving the reads and writes through them. - * The latter is not required by the Standard if the memory pointed to - * is not volatile. - * Pointers themselves are volatile in the function signature to work - * around a subtle bug in gcc 4.6+ which causes writes through - * pointers to volatile to not be emitted in some rare, - * never needed in real life, pieces of code. +/* + * The volatile is used to to ensure that the compiler generates code that reads + * all values from the array and doesn't try to optimize this away. The standard + * doesn't actually require this behavior if the original data pointed to is + * not volatile, but compilers do this in practice anyway. + * + * There are also assembler versions of this function. */ -int CRYPTO_memcmp(const volatile void * volatile in_a, - const volatile void * volatile in_b, - size_t len) +int CRYPTO_memcmp(const void * in_a, const void * in_b, size_t len) { size_t i; const volatile unsigned char *a = in_a; |