Crypto++ 5.6.5 release
Crypto++ 5.6.5
Crypto++ 5.6.5 was released on October 11, 2016. The 5.6.5 release was mostly a maintenance release. The release included two CVE fixes.
The first, CVE-2016-7420, was a procedural finding due to external build systems failing to define NDEBUG for release builds. The gap was the project's failure to tell users to define NDEBUG. The second, CVE-2016-7544, was a potential memory corruption on Windows platforms when using Microsoft compilers due to use of _malloca and _freea.
Due to CVE-2016-7420 and the possibility for an unwanted assert to egress data, users and distros are encouraged to recompile the library and all dependent programs.
Release Notes
The release notes for Crypto++ 5.6.5 follow.
- maintenance release, recompile of programs recommended
- expanded community input and support
- 25 unique contributors as of this release
- fixed CVE-2016-7420 (Issue 277, document NDEBUG for production/release)
- fixed CVE-2016-7544 (Issue 302, avoid _malloca and _freea for MSC compilers)
- shipped library in recommended state
- backwards compatibility achieved with <config.compat>
- Visual Studio project file cleanup
- improved X86 and X64 MSBuild support
- added ARM-based MSBuild awareness
- improved Testing and QA
- expanded platforms and compilers
- expanded Coverity into OS X and Windows platforms
- added Windows test scripts using Strawberry Perl
- ported to MSVC 2015 SP3, Xcode 7.3, Sun Studio 12.5, GCC 7.0, MacPorts GCC 7.0, Clang 3.8, Intel C++ 17.00
Bug Fixes and Minor Issues
The bug fix and minor issue list for Crypto++ 5.6.5 follows. Most non-trivial issues are tracked for auditing and C&A purposes, but the list may not be complete. A number in parentheses is the GitHub Issue number, if it was tracked. Sometimes a Git commit is referenced, but many trivial GitHub commits are omitted. Missing Issue numbers or lack of consecutiveness usually indicates feature requests and "won't fix/can't fix" type reports.
The list below has about 20 issues. The project's test scripts, cryptest.sh and cryptest.nmake, uncovered about 16 (80.0%) of them.
- Document need for NDEBUG in production/release (CVE-2016-7420, Issue 277)
- Add CRYPTOPP_ASSERT(); avoid Posix assert() (CVE-2016-7420, Issue 277)
- Potential memory corruption when using _malloca and _freea for MSC compilers (CVE-2016-7544, Issue 302)
- Fix missing CryptoPP::memcpy_s on MinGW32 (Issue 319)
- Visual Studio 2010 project file cleanup (Issue 314)
- Improved MSBuild support, including future ARM-based builds (Issue 316)
- Cygwin, Newlib and broken compile when -std=XXX due to <signal.h> (Issue 315)
- Sun Studio 12.2-12.4 and failed debug compile due to <signal.h> (Issue 289)
- Sun Studio 12.3-12.4, integer.cpp and "Types cannot be declared in anonymous union" (Issue 274)
- Sun Studio 12.5 and incorrect results for GCM when using SSE2 ASM (Issue 284)
- Solaris GCC and "error: constructor priorities are not supported" (Issue 289)
- Clang 3.3, i686 and "error: unknown use of instruction mnemonic without a size suffix" (Issue 264)
- Clang 3.7 warnings for missing/undefined variable templates definitions in <pkcspad.h>
- Additional test scripts for Windows and OS X testing (Issue 303)
- Approximately 80 miscellaneous Coverity findings on Windows (Issues 310-12, all minor or false positives)
- Approximately 20 miscellaneous Coverity findings on OS X (Issues 295 and 299, all minor or false positives)
- MARS max keysize is limited at 32 bytes (Issue 278)
- CMake improvements (Issues 276)
- CMake, Solaris and output artifacts that can't be linked due to missing PIC (Issue 271)
- CMake, CMakeList.txt calls out GNUInstallDirs (Issue 268)
- Fix port forwarding in cryptest.exe program on Unix
- Move file scope statics into anonymous namespace
- Rewrite some Windows socket code, remove _WINSOCK_DEPRECATED_NO_WARNINGS (Issue 19)
- Guard DEBUG_NEW for Visual Studio and leak detection
- Remove library supplied aesenc, aesdec and friends (Issue 206)
- Use __BIGGEST_ALIGNMENT__ in <secblock.h> if it's smaller than sizeof(T)
- Re-enable AES-NI/CLMUL when using Clang Integrated Assembler
- Updated documentation
File Changes
Below is a list of all files that were added or deleted at Crypto++ 5.6.5.
The header file ossig.h is new and needs to be distributed. Additions to TestScripts can probably be ignored.
$ git diff-tree -r --summary CRYPTOPP_5_6_4 CRYPTOPP_5_6_5 | grep -v "change" | awk '{$2=$3=""; print $0}' | egrep '(.h|.cpp|.txt|.dat)'
create TestScripts/coverity-linux.txt
create TestScripts/coverity-macosx.txt
create TestScripts/coverity-windows.txt
create TestScripts/cryptest-coverity.cpp
create TestVectors/tls_chacha.txt
create ossig.h
Note for Distros
If you start getting bug reports on missing symbols that implicate unsigned long long, then this applies to you. Depending on what you are using in Crypto++, it may surface as:
// Linux:
cryptest.exe: symbol lookup error: .../cryptest.exe: undefined symbol: CryptoPP::RandomNumberStore::TransferTo2(CryptoPP::BufferedTransformation&,
unsigned long long&, std::basic_string<char, std::char_traits<char>, std::allocator<char> > const&, bool)
cryptest.exe: symbol lookup error: .../cryptest.exe: undefined symbol: CryptoPP::Whirlpool::InitState(unsigned long long*)
// OS X:
dyld: Symbol not found: CryptoPP::RandomPool::GenerateIntoBufferedTransformation(CryptoPP::BufferedTransformation&, std::string const&, unsigned long long)
Referenced from: .../cryptest.exe
Expected in: .../libcryptopp.dylib
in .../cryptest.exe
In Crypto++ 5.6.4 and below word64 was unconditionally defined to unsigned long long on 32-bit and 64-bit platforms. Crypto++ 5.6.5 defined word64 to unsigned long on 64-bit machines due to compile problems with GCC and Clang when using SSE and NEON data types through intrinsics. Crypto++ 5.6.5 increased use of SSE and NEON intrinsics, and calls to SSE and NEON APIs had some hacks that were cleaned up.
The following is from config.h, and it is responsible for the "missing unsigned long long" issue.
#if defined(_MSC_VER) || defined(__BORLANDC__)
typedef unsigned __int64 word64;
#define W64LIT(x) x##ui64
#elif (_LP64 || __LP64__)
typedef unsigned long word64;
#define W64LIT(x) x##UL
#else
typedef unsigned long long word64;
#define W64LIT(x) x##ULL
#endif
To go back to Crypto++ 5.6.4, you have two choices. First, you can use config.compat in place of config.h to restore the compatibility. Second, you can remove the __LP64__ block. Be advised we did not test this configuration, so it may not completely clear the "missing unsigned long long" issue.
#if defined(_MSC_VER) || defined(__BORLANDC__)
typedef unsigned __int64 word64;
#define W64LIT(x) x##ui64
#else
typedef unsigned long long word64;
#define W64LIT(x) x##ULL
#endif
Since this break was unknown to the project, it was identified as a gap in our testing process. Commit 385a3914d6cfdc88 added a script to test for missing symbols by linking cryptest.exe against different versions of the dynamic library. For example, Crypto++ 5.6.4 cryptest.exe will runtime link against Crypto++ 5.6.5 libcryptopp.so or libcryptopp.dylib to ensure no symbols go missing.
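A static variant of that kind of check, as an added example (it is not the project's script from the commit above): it compares the symbols an old executable imports against those a new library exports, using nm-style listings, and shows how the word64 change turns into a missing symbol. The function names missing_symbols and demo, the file names and the sample listings are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example, not the Crypto++ project's own test script.
# In real use on ELF systems the two inputs would come from:
#   nm -D --undefined-only cryptest.exe   > needed.txt    (old binary)
#   nm -D --defined-only   libcryptopp.so > provided.txt  (new library)

# missing_symbols NEEDED PROVIDED
# Prints every CryptoPP symbol the executable imports that the library does
# not export. Returns 1 if any are missing, 0 if the library satisfies them all.
missing_symbols() {
    out=$(awk '
        NF < 2 { next }                       # skip blank or malformed lines
        # nm prints "[address] type name": name is last, type is before it.
        FILENAME == ARGV[1] { if ($(NF-1) != "U") have[$NF] = 1; next }
        # Imports from libc or libstdc++ are resolved elsewhere, so keep only
        # names in namespace CryptoPP (their mangled form contains "8CryptoPP").
        $(NF-1) == "U" && $NF ~ /8CryptoPP/ && !($NF in have) { print $NF }
    ' "$2" "$1" | sort -u)
    if [ -z "$out" ]; then return 0; fi
    printf '%s\n' "$out"
    return 1
}

# Constructed sample listings for an LP64 host. In Itanium C++ name mangling
# "Py" is unsigned long long* and "Pm" is unsigned long*, so the word64 change
# renames Whirlpool::InitState while Integer::Integer() is unaffected.
demo() {
    dir=$(mktemp -d) || return 2
    cat > "$dir/needed.txt" <<'EOF'
                 U _ZN8CryptoPP7IntegerC1Ev
                 U _ZN8CryptoPP9Whirlpool9InitStateEPy
                 U memcpy
EOF
    cat > "$dir/provided.txt" <<'EOF'
00000000001a2b30 T _ZN8CryptoPP7IntegerC1Ev
00000000002c4d10 T _ZN8CryptoPP9Whirlpool9InitStateEPm
EOF
    status=0
    missing_symbols "$dir/needed.txt" "$dir/provided.txt" || status=$?
    rm -rf "$dir"
    return "$status"
}

demo || echo "old binary needs symbols the new library lacks" >&2
```

Piping the output through c++filt turns the mangled names back into signatures like the ones in the error messages above.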