diff options
author | David Benjamin <davidben@google.com> | 2016-12-13 01:07:13 -0500 |
---|---|---|
committer | Adam Langley <agl@google.com> | 2016-12-21 20:34:47 +0000 |
commit | 17cf2cb1d226b0ba2401304242df7ddd3b6f1ff2 (patch) | |
tree | 3e6b6da76353a25cad1850c46668107690e8b245 /decrepit/ripemd | |
parent | 56cadc3daf9090d7536d92319f0c6e7a39bf7f4f (diff) | |
download | boringssl-17cf2cb1d226b0ba2401304242df7ddd3b6f1ff2.zip boringssl-17cf2cb1d226b0ba2401304242df7ddd3b6f1ff2.tar.gz boringssl-17cf2cb1d226b0ba2401304242df7ddd3b6f1ff2.tar.bz2 |
Work around language and compiler bug in memcpy, etc.
Most C standard library functions are undefined if passed NULL, even
when the corresponding length is zero. This gives them (and, in turn,
all functions which call them) surprising behavior on empty arrays.
Some compilers will miscompile code due to this rule. See also
https://www.imperialviolet.org/2016/06/26/nonnull.html
Add OPENSSL_memcpy, etc., wrappers which avoid this problem.
BUG=23
Change-Id: I95f42b23e92945af0e681264fffaf578e7f8465e
Reviewed-on: https://boringssl-review.googlesource.com/12928
Commit-Queue: David Benjamin <davidben@google.com>
Reviewed-by: Adam Langley <agl@google.com>
Diffstat (limited to 'decrepit/ripemd')
-rw-r--r-- | decrepit/ripemd/ripemd.c | 2 | ||||
-rw-r--r-- | decrepit/ripemd/ripemd_test.cc | 7 |
2 files changed, 5 insertions, 4 deletions
diff --git a/decrepit/ripemd/ripemd.c b/decrepit/ripemd/ripemd.c index ce47c28..ab9bc32 100644 --- a/decrepit/ripemd/ripemd.c +++ b/decrepit/ripemd/ripemd.c @@ -62,7 +62,7 @@ int RIPEMD160_Init(RIPEMD160_CTX *ctx) { - memset(ctx, 0, sizeof(*ctx)); + OPENSSL_memset(ctx, 0, sizeof(*ctx)); ctx->h[0] = RIPEMD160_A; ctx->h[1] = RIPEMD160_B; ctx->h[2] = RIPEMD160_C; diff --git a/decrepit/ripemd/ripemd_test.cc b/decrepit/ripemd/ripemd_test.cc index ebcabdf..e39c893 100644 --- a/decrepit/ripemd/ripemd_test.cc +++ b/decrepit/ripemd/ripemd_test.cc @@ -19,6 +19,7 @@ #include <stdio.h> #include <string.h> +#include "../../crypto/internal.h" #include "../../crypto/test/test_util.h" @@ -85,7 +86,7 @@ int main(void) { RIPEMD160_Final(digest, &ctx); } - if (memcmp(digest, test.expected, sizeof(digest)) != 0) { + if (OPENSSL_memcmp(digest, test.expected, sizeof(digest)) != 0) { fprintf(stderr, "#%u: bad result with stride %u: ", test_num, static_cast<unsigned>(stride)); hexdump(stderr, "", digest, sizeof(digest)); @@ -96,7 +97,7 @@ int main(void) { static const size_t kLargeBufSize = 1000000; std::unique_ptr<uint8_t[]> buf(new uint8_t[kLargeBufSize]); - memset(buf.get(), 'a', kLargeBufSize); + OPENSSL_memset(buf.get(), 'a', kLargeBufSize); uint8_t digest[RIPEMD160_DIGEST_LENGTH]; RIPEMD160(buf.get(), kLargeBufSize, digest); @@ -104,7 +105,7 @@ int main(void) { 0x52, 0x78, 0x32, 0x43, 0xc1, 0x69, 0x7b, 0xdb, 0xe1, 0x6d, 0x37, 0xf9, 0x7f, 0x68, 0xf0, 0x83, 0x25, 0xdc, 0x15, 0x28}; - if (memcmp(digest, kMillionADigest, sizeof(digest)) != 0) { + if (OPENSSL_memcmp(digest, kMillionADigest, sizeof(digest)) != 0) { fprintf(stderr, "Digest incorrect for “million a's” test: "); hexdump(stderr, "", digest, sizeof(digest)); ok = 0; |