[tor-commits] [tor/master] Coverity: different implementation for csiphash
dgoulet at torproject.org
dgoulet at torproject.org
Tue Jul 23 13:44:29 UTC 2019
commit f55598f870b2346ed48a32befc51b9a548b8b5fa
Author: Nick Mathewson <nickm at torproject.org>
Date: Fri Jun 28 11:57:36 2019 -0400
Coverity: different implementation for csiphash
Coverity has had trouble figuring out our csiphash implementation,
and has given spurious warnings about its behavior.
This patch changes the csiphash implementation when coverity is in
use, so that coverity can figure out that we are not about to read
beyond the provided input.
Closes ticket 31025.
---
changes/ticket31025 | 5 +++++
src/ext/csiphash.c | 8 ++++++++
2 files changed, 13 insertions(+)
diff --git a/changes/ticket31025 b/changes/ticket31025
new file mode 100644
index 000000000..c57228823
--- /dev/null
+++ b/changes/ticket31025
@@ -0,0 +1,5 @@
+ o Minor bugfixes (coverity):
+ - In our siphash implementation, when building for coverity, use memcpy
+ in place of a switch statement, so that coverity can tell we are not
+ accessing out-of-bounds memory. Fixes bug 31025; bugfix on
+ 0.2.8.1-alpha. This is tracked as CID 1447293 and 1447295.
diff --git a/src/ext/csiphash.c b/src/ext/csiphash.c
index af8559a47..faa52ae4e 100644
--- a/src/ext/csiphash.c
+++ b/src/ext/csiphash.c
@@ -87,6 +87,13 @@ uint64_t siphash24(const void *src, unsigned long src_sz, const struct sipkey *k
v0 ^= mi;
}
+#ifdef __COVERITY__
+ {
+ uint64_t mi = 0;
+ memcpy(&mi, m+i, (src_sz-blocks));
+ last7 = _le64toh(mi) | (uint64_t)(src_sz & 0xff) << 56;
+ }
+#else
switch (src_sz - blocks) {
case 7: last7 |= (uint64_t)m[i + 6] << 48; /* Falls through. */
case 6: last7 |= (uint64_t)m[i + 5] << 40; /* Falls through. */
@@ -98,6 +105,7 @@ uint64_t siphash24(const void *src, unsigned long src_sz, const struct sipkey *k
case 0:
default:;
}
+#endif
v3 ^= last7;
DOUBLE_ROUND(v0,v1,v2,v3);
v0 ^= last7;
More information about the tor-commits
mailing list