]> CyberLeo.Net >> Repos - FreeBSD/FreeBSD.git/commit
projects / FreeBSD / FreeBSD.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: d2db431) | patch
Use unsigned comparisons. Prior to this commit, SHA1_Update and
authorcperciva <cperciva@FreeBSD.org>
Mon, 14 May 2007 05:00:37 +0000 (05:00 +0000)
committercperciva <cperciva@FreeBSD.org>
Mon, 14 May 2007 05:00:37 +0000 (05:00 +0000)
commit3377b1e9f82aa46537543f6da02944632bf3daab
treeb68c78c20a409c80fe20928453eb710d7463f62etree | snapshot
parentd2db4318e7bacb65f6d87c19bf55b35dbd6c888acommit | diff
Use unsigned comparisons.  Prior to this commit, SHA1_Update and
RIPEMD160_Update were broken when all of the following conditions
applied:
(1) The platform is i386.
(2) The program calling *_Update is statically linked to libmd.
(3) The buffer provided to *_Update is aligned modulo 4 bytes.
(4) The buffer extends beyond 2GB.

Due to the design of this code, SHA1_Update and RIPEMD160_Update will
still be broken if conditions (1)-(3) apply AND the buffer extends
beyond 4GB (i.e., there is an integer overflow in computing "data + len").
Since this remaining bug simply replaces SIGSEGV with a bogus hash (and
non-broken programs should never provide such operands) I don't consider
it to be a serious problem.

MFC After:      1 week
PR:             kern/102795
lib/libmd/i386/rmd160.S diff | blob | history
lib/libmd/i386/sha.S diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.