Avoid signed left shift overflows in curve25519-donna: automated conversion
Convert all << and <<= to SHL32/64 macros for safe unsigned bitwise operations in generic curve25519-donna.c (c64 is not affected) using the perl script below, a simplified version of scripts/maint/safe_shl.pl. Behaviour and assembly code shouldn't change, as this patch makes explicit the existing assumption that bits that are shifted out to the left are ignored. Fixes bug 13538. #!/usr/bin/perl -p -w -i BEGIN { %vartypes = (); } if (/^[{}]/) { %vartypes = (); } # Discover the type of each variable if (/(?:(?:^ *)|(?:\())(?:const +)?s(\d+) +([a-zA-Z_][_a-zA-Z0-9]*)(\[\d+\])?/) { # capture s\d\d declared in function arguments, and/or as arrays if (defined $3) { $vartypes{"*".$2} = $1; } else { $vartypes{$2} = $1; } } elsif (/(?:(?:^ *)|(?:\())limb +((?:\*)?[a-zA-Z_][_a-zA-Z0-9]*)/) { # capture limb declared in function arguments, and/or as pointers $vartypes{$1} = '64'; } # This fixes at most one shift per line. But that's all the code does. if (/([a-zA-Z_][a-zA-Z_0-9]*)(?:\[\d+\])? *<< *(\d+)/) { $v = $1; if (exists $vartypes{$v}) { # replace a << n s/$v *<< *(\d+)/SHL$vartypes{$v}($v,$1)/; } elsif (exists $vartypes{"*".$v}) { # replace a[i] << n s/$v(\[\d+\]) *<< *(\d+)/SHL$vartypes{"*".$v}($v$1,$2)/; } } elsif (/([a-zA-Z_][a-zA-Z_0-9]*)(?:\[\d+\])? *<<= *(\d+)/) { $v = $1; if (exists $vartypes{$v}) { # replace a <<= n s/$v *<<= *(\d+)/$v = SHL$vartypes{$v}($v,$1)/; } elsif (exists $vartypes{"*".$v}) { # replace a[i] <<= n s/$v(\[\d+\]) *<<= *(\d+)/$v$1 = SHL$vartypes{"*".$v}($v$1,$2)/; } } # Remove extra parentheses s/\(SHL64\((.*)\)\)/SHL64\($1\)/; s/\(SHL32\((.*)\)\)/SHL32\($1\)/;