diff options
author | David Benjamin <davidben@google.com> | 2024-06-21 17:00:31 -0400 |
---|---|---|
committer | Boringssl LUCI CQ <boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com> | 2024-06-21 21:53:36 +0000 |
commit | 45b2464158379f48cec6e35a1ef503ddea1511a6 (patch) | |
tree | 7f37b25e1d3c8b56eb8f9485c717a36e62a6b2f2 | |
parent | 2fcdd11f6d33b667968a5bc5147e2ba83a2082b8 (diff) | |
download | boringssl-45b2464158379f48cec6e35a1ef503ddea1511a6.zip boringssl-45b2464158379f48cec6e35a1ef503ddea1511a6.tar.gz boringssl-45b2464158379f48cec6e35a1ef503ddea1511a6.tar.bz2 |
Rewrite CBS_get_asn1_int64 slightly
GCC 13.2.0 has a false positive in -Wstringop-overflow. Oddly, I can
only reproduce it with -O2 -march=native. The old code was also correct,
but this version seems to do a better job of avoiding the warning.
Instead of reversing the variable-length string while sign-extending, we
assemble a big-endian sign-extended version and then do a fixed-width
byte swap at the end.
Fixed: 42290598
Change-Id: I6d5de1e1d6d117f6b5947d3a2155e794764eb472
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/69547
Commit-Queue: David Benjamin <davidben@google.com>
Reviewed-by: Adam Langley <agl@google.com>
Auto-Submit: David Benjamin <davidben@google.com>
-rw-r--r-- | crypto/bytestring/cbs.c | 8 |
1 files changed, 3 insertions, 5 deletions
diff --git a/crypto/bytestring/cbs.c b/crypto/bytestring/cbs.c index bf94db1..c5f0464 100644 --- a/crypto/bytestring/cbs.c +++ b/crypto/bytestring/cbs.c @@ -507,11 +507,9 @@ int CBS_get_asn1_int64(CBS *cbs, int64_t *out) { return 0; } uint8_t sign_extend[sizeof(int64_t)]; - memset(sign_extend, is_negative ? 0xff : 0, sizeof(sign_extend)); - for (size_t i = 0; i < len; i++) { - sign_extend[i] = data[len - i - 1]; - } - memcpy(out, sign_extend, sizeof(sign_extend)); + OPENSSL_memset(sign_extend, is_negative ? 0xff : 0, sizeof(sign_extend)); + OPENSSL_memcpy(sign_extend + sizeof(int64_t) - len, data, len); + *out = CRYPTO_load_u64_be(sign_extend); return 1; } |