Prevent building the HAVEGE module on platforms where it doesn't work

If int is not capable of storing as many values as unsigned, the code may generate a trap value. If signed int and unsigned int aren't 32-bit types, the code may calculate meaningless values.
2025-01-11 09:05:46 +00:00 · 2019-06-17 15:12:51 +02:00 · 2019-06-17 15:12:51 +02:00 · d1800a76a9
parent 8850e2e367
commit d1800a76a9
1 changed files with 11 additions and 0 deletions
--- a/library/havege.c
+++ b/library/havege.c
@ -37,8 +37,19 @@
 #include "mbedtls/havege.h"
 #include "mbedtls/timing.h"

+#include <limits.h>
 #include <string.h>

+/* If int isn't capable of storing 2^32 distinct values, the code of this
+ * module may cause a processor trap or a miscalculation. If int is more
+ * than 32 bits, the code may not calculate the intended values. */
+#if INT_MIN + 1 != -0x7fffffff
+#error "The HAVEGE module requires int to be exactly 32 bits, with INT_MIN = -2^31."
+#endif
+#if UINT_MAX != 0xffffffff
+#error "The HAVEGE module requires unsigned to be exactly 32 bits."
+#endif
+
 /* Implementation that should never be optimized out by the compiler */
 static void mbedtls_zeroize( void *v, size_t n ) {
    volatile unsigned char *p = v; while( n-- ) *p++ = 0;