Skip to content

Commit

Permalink
Avoid alignment warnings in openssl rc4.c
Browse files Browse the repository at this point in the history 
Add a comment to k5_arcfour_init_state() explaining how we stretch the
krb5_data cipher state contract.  Use void * casts when interpreting
the data pointer to avoid alignment warnings.

[ghudson@mit.edu: moved and expanded comment; rewrote commit message]
  • Loading branch information
@frozencemetery @greghudson
frozencemetery authored and greghudson committed May 9, 2019
1 parent e8b463c commit 1cd41d7
Showing 1 changed file with 12 additions and 3 deletions.
15 changes: 12 additions & 3 deletions src/lib/crypto/openssl/enc_provider/rc4.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -57,7 +57,7 @@ struct arcfour_state {

/* In-place IOV crypto */
static krb5_error_code
k5_arcfour_docrypt(krb5_key key,const krb5_data *state, krb5_crypto_iov *data,
k5_arcfour_docrypt(krb5_key key, const krb5_data *state, krb5_crypto_iov *data,
size_t num_data)
{
size_t i;
Expand All @@ -66,7 +66,7 @@ k5_arcfour_docrypt(krb5_key key,const krb5_data *state, krb5_crypto_iov *data,
EVP_CIPHER_CTX *ctx = NULL;
struct arcfour_state *arcstate;

arcstate = (state != NULL) ? (struct arcfour_state *) state->data : NULL;
arcstate = (state != NULL) ? (void *)state->data : NULL;
if (arcstate != NULL) {
ctx = arcstate->ctx;
if (arcstate->loopback != arcstate)
Expand Down Expand Up @@ -113,7 +113,7 @@ k5_arcfour_docrypt(krb5_key key,const krb5_data *state, krb5_crypto_iov *data,
static void
k5_arcfour_free_state(krb5_data *state)
{
struct arcfour_state *arcstate = (struct arcfour_state *) state->data;
struct arcfour_state *arcstate = (void *)state->data;

EVP_CIPHER_CTX_free(arcstate->ctx);
free(arcstate);
Expand All @@ -125,6 +125,15 @@ k5_arcfour_init_state(const krb5_keyblock *key,
{
struct arcfour_state *arcstate;

/*
* The cipher state here is a saved pointer to a struct arcfour_state
* object, rather than a flat byte array as in most enc providers. The
* object includes a loopback pointer to detect if if the caller made a
* copy of the krb5_data value or otherwise assumed it was a simple byte
* array. When we cast the data pointer back, we need to go through void *
* to avoid increased alignment warnings.
*/

/* Create a state structure with an uninitialized context. */
arcstate = calloc(1, sizeof(*arcstate));
if (arcstate == NULL)
Expand Down

0 comments on commit 1cd41d7

Please sign in to comment.