Mercurial > hg > octave-nkf > gnulib-hg
comparison lib/md5.c @ 16860:a3feab896112
crypto: fix bug in large buffer handling
Problem reported by Serge Belyshev for glibc in
<http://sourceware.org/bugzilla/show_bug.cgi?id=14090> and for gnulib in
<http://lists.gnu.org/archive/html/bug-gnulib/2012-05/msg00226.html>.
* lib/md4.c (md4_process_block):
* lib/md5.c (md5_process_block):
* lib/sha1.c (sha1_process_block):
* lib/sha256.c (sha256_process_block):
Don't assume the buffer length is less than 2**32.
| author | Paul Eggert <eggert@cs.ucla.edu> |
|---|---|
| date | Fri, 18 May 2012 13:10:42 -0700 |
| parents | bb182ee4a09d |
| children | f3fa9d9507c7 |
comparison
equal
deleted
inserted
replaced
| 16859:42fb5cba93e2 | 16860:a3feab896112 |
|---|---|
| 310 const uint32_t *endp = words + nwords; | 310 const uint32_t *endp = words + nwords; |
| 311 uint32_t A = ctx->A; | 311 uint32_t A = ctx->A; |
| 312 uint32_t B = ctx->B; | 312 uint32_t B = ctx->B; |
| 313 uint32_t C = ctx->C; | 313 uint32_t C = ctx->C; |
| 314 uint32_t D = ctx->D; | 314 uint32_t D = ctx->D; |
| 315 uint32_t lolen = len; | |
| 315 | 316 |
| 316 /* First increment the byte count. RFC 1321 specifies the possible | 317 /* First increment the byte count. RFC 1321 specifies the possible |
| 317 length of the file up to 2^64 bits. Here we only compute the | 318 length of the file up to 2^64 bits. Here we only compute the |
| 318 number of bytes. Do a double word increment. */ | 319 number of bytes. Do a double word increment. */ |
| 319 ctx->total[0] += len; | 320 ctx->total[0] += lolen; |
| 320 if (ctx->total[0] < len) | 321 ctx->total[1] += (len >> 31 >> 1) + (ctx->total[0] < lolen); |
| 321 ++ctx->total[1]; | |
| 322 | 322 |
| 323 /* Process all bytes in the buffer with 64 bytes in each round of | 323 /* Process all bytes in the buffer with 64 bytes in each round of |
| 324 the loop. */ | 324 the loop. */ |
| 325 while (words < endp) | 325 while (words < endp) |
| 326 { | 326 { |