mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2025-01-26 20:10:58 +00:00
b168c0d2e6
Check that the source address and the frame counter have the expected
length. Otherwise, if the test data was invalid, the test code could
build nonsensical inputs, potentially overflowing the iv buffer.
The primary benefit of this change is that it also silences a warning
from compiling with `gcc-10 -O3` (observed with GCC 10.2.0 on
Linux/amd64). GCC unrolled the loops and complained about a buffer
overflow with warnings like:
```
suites/test_suite_ccm.function: In function 'test_mbedtls_ccm_star_auth_decrypt':
suites/test_suite_ccm.function:271:15: error: writing 1 byte into a region of size 0 [-Werror=stringop-overflow=]
271 | iv[i] = source_address->x[i];
| ~~~~~~^~~~~~~~~~~~~~~~~~~~~~
suites/test_suite_ccm.function:254:19: note: at offset [13, 14] to object 'iv' with size 13 declared here
254 | unsigned char iv[13];
```
Just using memcpy instead of loops bypasses this warnings. The added
checks are a bonus.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
|
||
|---|---|---|
| .. | ||
| .jenkins | ||
| configs | ||
| data_files | ||
| docker/bionic | ||
| git-scripts | ||
| include/test | ||
| scripts | ||
| src | ||
| suites | ||
| .gitignore | ||
| CMakeLists.txt | ||
| compat-in-docker.sh | ||
| compat.sh | ||
| context-info.sh | ||
| Descriptions.txt | ||
| make-in-docker.sh | ||
| Makefile | ||
| ssl-opt-in-docker.sh | ||
| ssl-opt.sh | ||