summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMatthias Schiffer <mschiffer@universe-factory.net>2014-09-16 03:47:33 +0200
committerMatthias Schiffer <mschiffer@universe-factory.net>2014-09-16 03:47:33 +0200
commit18e13778e5bfd4609804f37140613208ea620b23 (patch)
treec484b989d4f2eeb8928cd0e1e335c04a3ba08976
parent86f2b8b72dd571ff05332a48b70f595dae3b5ebd (diff)
downloadfastd-18e13778e5bfd4609804f37140613208ea620b23.tar
fastd-18e13778e5bfd4609804f37140613208ea620b23.zip
Fix undefined behaviour due to zero length VLAs in null+* methods
-rw-r--r--src/methods/composed_gmac/composed_gmac.c8
-rw-r--r--src/methods/composed_umac/composed_umac.c8
2 files changed, 8 insertions, 8 deletions
diff --git a/src/methods/composed_gmac/composed_gmac.c b/src/methods/composed_gmac/composed_gmac.c
index b6506dd..26dd099 100644
--- a/src/methods/composed_gmac/composed_gmac.c
+++ b/src/methods/composed_gmac/composed_gmac.c
@@ -225,8 +225,8 @@ static bool method_encrypt(UNUSED fastd_peer_t *peer, fastd_method_session_state
bool ok = session->gmac_cipher->crypt(session->gmac_cipher_state, outblocks, &ZERO_BLOCK, sizeof(fastd_block128_t), gmac_nonce);
if (ok) {
- uint8_t nonce[session->method->cipher_info->iv_length] __attribute__((aligned(8)));
- fastd_method_expand_nonce(nonce, session->common.send_nonce, sizeof(nonce));
+ uint8_t nonce[session->method->cipher_info->iv_length ?: 1] __attribute__((aligned(8)));
+ fastd_method_expand_nonce(nonce, session->common.send_nonce, session->method->cipher_info->iv_length);
ok = session->cipher->crypt(session->cipher_state, outblocks+1, inblocks, n_blocks*sizeof(fastd_block128_t), nonce);
}
@@ -272,8 +272,8 @@ static bool method_decrypt(fastd_peer_t *peer, fastd_method_session_state_t *ses
if (flags)
return false;
- uint8_t nonce[session->method->cipher_info->iv_length] __attribute__((aligned(8)));
- fastd_method_expand_nonce(nonce, in_nonce, sizeof(nonce));
+ uint8_t nonce[session->method->cipher_info->iv_length ?: 1] __attribute__((aligned(8)));
+ fastd_method_expand_nonce(nonce, in_nonce, session->method->cipher_info->iv_length);
uint8_t gmac_nonce[session->method->gmac_cipher_info->iv_length] __attribute__((aligned(8)));
fastd_method_expand_nonce(gmac_nonce, in_nonce, sizeof(gmac_nonce));
diff --git a/src/methods/composed_umac/composed_umac.c b/src/methods/composed_umac/composed_umac.c
index bca52fb..88e2d51 100644
--- a/src/methods/composed_umac/composed_umac.c
+++ b/src/methods/composed_umac/composed_umac.c
@@ -192,8 +192,8 @@ static bool method_encrypt(UNUSED fastd_peer_t *peer, fastd_method_session_state
bool ok = session->umac_cipher->crypt(session->umac_cipher_state, outblocks, &ZERO_BLOCK, sizeof(fastd_block128_t), umac_nonce);
if (ok) {
- uint8_t nonce[session->method->cipher_info->iv_length] __attribute__((aligned(8)));
- fastd_method_expand_nonce(nonce, session->common.send_nonce, sizeof(nonce));
+ uint8_t nonce[session->method->cipher_info->iv_length ?: 1] __attribute__((aligned(8)));
+ fastd_method_expand_nonce(nonce, session->common.send_nonce, session->method->cipher_info->iv_length);
ok = session->cipher->crypt(session->cipher_state, outblocks+1, inblocks, n_blocks*sizeof(fastd_block128_t), nonce);
}
@@ -237,8 +237,8 @@ static bool method_decrypt(fastd_peer_t *peer, fastd_method_session_state_t *ses
if (flags)
return false;
- uint8_t nonce[session->method->cipher_info->iv_length] __attribute__((aligned(8)));
- fastd_method_expand_nonce(nonce, in_nonce, sizeof(nonce));
+ uint8_t nonce[session->method->cipher_info->iv_length ?: 1] __attribute__((aligned(8)));
+ fastd_method_expand_nonce(nonce, in_nonce, session->method->cipher_info->iv_length);
uint8_t umac_nonce[session->method->umac_cipher_info->iv_length] __attribute__((aligned(8)));
fastd_method_expand_nonce(umac_nonce, in_nonce, sizeof(umac_nonce));