diff options
| author | Matthias Schiffer <mschiffer@universe-factory.net> | 2014-09-16 03:47:33 +0200 |
|---|---|---|
| committer | Matthias Schiffer <mschiffer@universe-factory.net> | 2014-09-16 03:47:33 +0200 |
| commit | 18e13778e5bfd4609804f37140613208ea620b23 (patch) | |
| tree | c484b989d4f2eeb8928cd0e1e335c04a3ba08976 | |
| parent | 86f2b8b72dd571ff05332a48b70f595dae3b5ebd (diff) | |
| download | fastd-18e13778e5bfd4609804f37140613208ea620b23.tar fastd-18e13778e5bfd4609804f37140613208ea620b23.zip | |
Fix undefined behaviour due to zero length VLAs in null+* methods
| -rw-r--r-- | src/methods/composed_gmac/composed_gmac.c | 8 | ||||
| -rw-r--r-- | src/methods/composed_umac/composed_umac.c | 8 |
2 files changed, 8 insertions, 8 deletions
diff --git a/src/methods/composed_gmac/composed_gmac.c b/src/methods/composed_gmac/composed_gmac.c index b6506dd..26dd099 100644 --- a/src/methods/composed_gmac/composed_gmac.c +++ b/src/methods/composed_gmac/composed_gmac.c @@ -225,8 +225,8 @@ static bool method_encrypt(UNUSED fastd_peer_t *peer, fastd_method_session_state bool ok = session->gmac_cipher->crypt(session->gmac_cipher_state, outblocks, &ZERO_BLOCK, sizeof(fastd_block128_t), gmac_nonce); if (ok) { - uint8_t nonce[session->method->cipher_info->iv_length] __attribute__((aligned(8))); - fastd_method_expand_nonce(nonce, session->common.send_nonce, sizeof(nonce)); + uint8_t nonce[session->method->cipher_info->iv_length ?: 1] __attribute__((aligned(8))); + fastd_method_expand_nonce(nonce, session->common.send_nonce, session->method->cipher_info->iv_length); ok = session->cipher->crypt(session->cipher_state, outblocks+1, inblocks, n_blocks*sizeof(fastd_block128_t), nonce); } @@ -272,8 +272,8 @@ static bool method_decrypt(fastd_peer_t *peer, fastd_method_session_state_t *ses if (flags) return false; - uint8_t nonce[session->method->cipher_info->iv_length] __attribute__((aligned(8))); - fastd_method_expand_nonce(nonce, in_nonce, sizeof(nonce)); + uint8_t nonce[session->method->cipher_info->iv_length ?: 1] __attribute__((aligned(8))); + fastd_method_expand_nonce(nonce, in_nonce, session->method->cipher_info->iv_length); uint8_t gmac_nonce[session->method->gmac_cipher_info->iv_length] __attribute__((aligned(8))); fastd_method_expand_nonce(gmac_nonce, in_nonce, sizeof(gmac_nonce)); diff --git a/src/methods/composed_umac/composed_umac.c b/src/methods/composed_umac/composed_umac.c index bca52fb..88e2d51 100644 --- a/src/methods/composed_umac/composed_umac.c +++ b/src/methods/composed_umac/composed_umac.c @@ -192,8 +192,8 @@ static bool method_encrypt(UNUSED fastd_peer_t *peer, fastd_method_session_state bool ok = session->umac_cipher->crypt(session->umac_cipher_state, outblocks, &ZERO_BLOCK, sizeof(fastd_block128_t), umac_nonce); if (ok) { - uint8_t nonce[session->method->cipher_info->iv_length] __attribute__((aligned(8))); - fastd_method_expand_nonce(nonce, session->common.send_nonce, sizeof(nonce)); + uint8_t nonce[session->method->cipher_info->iv_length ?: 1] __attribute__((aligned(8))); + fastd_method_expand_nonce(nonce, session->common.send_nonce, session->method->cipher_info->iv_length); ok = session->cipher->crypt(session->cipher_state, outblocks+1, inblocks, n_blocks*sizeof(fastd_block128_t), nonce); } @@ -237,8 +237,8 @@ static bool method_decrypt(fastd_peer_t *peer, fastd_method_session_state_t *ses if (flags) return false; - uint8_t nonce[session->method->cipher_info->iv_length] __attribute__((aligned(8))); - fastd_method_expand_nonce(nonce, in_nonce, sizeof(nonce)); + uint8_t nonce[session->method->cipher_info->iv_length ?: 1] __attribute__((aligned(8))); + fastd_method_expand_nonce(nonce, in_nonce, session->method->cipher_info->iv_length); uint8_t umac_nonce[session->method->umac_cipher_info->iv_length] __attribute__((aligned(8))); fastd_method_expand_nonce(umac_nonce, in_nonce, sizeof(umac_nonce)); |