From 092b3cb467b0cf38c3b010eed3f0395cc66e7aaf Mon Sep 17 00:00:00 2001 From: Jeffrey Walton Date: Tue, 15 Aug 2017 04:42:12 -0400 Subject: [PATCH 1/2] Backed off assert. Its too noisy --- cryptlib.cpp | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/cryptlib.cpp b/cryptlib.cpp index 3cac112f..162a9b81 100644 --- a/cryptlib.cpp +++ b/cryptlib.cpp @@ -320,8 +320,7 @@ void RandomNumberGenerator::GenerateIntoBufferedTransformation(BufferedTransform { size_t len = UnsignedMin(buffer.size(), length); GenerateBlock(buffer, len); - size_t rem = target.ChannelPut(channel, buffer, len); - CRYPTOPP_UNUSED(rem); CRYPTOPP_ASSERT(rem == 0); + (void)target.ChannelPut(channel, buffer, len); length -= len; } } From 6f36c7deae4da4e91759ffad0a3b53c94c5610c3 Mon Sep 17 00:00:00 2001 From: Jeffrey Walton Date: Tue, 15 Aug 2017 08:51:03 -0400 Subject: [PATCH 2/2] Cleared UBsan finding in Default's GenerateKeyIV passed: 128 deflates and inflates passed: 128 zlib decompress and compress default.cpp:69:2: runtime error: null pointer passed as argument 2, which is declared to never be null /usr/include/x86_64-linux-gnu/bits/string3.h:53:71: runtime error: null pointer passed as argument 2, which is declared to never be null Information Dispersal and Secret Sharing... --- default.cpp | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/default.cpp b/default.cpp index 5db0f6fc..eda6cb14 100644 --- a/default.cpp +++ b/default.cpp @@ -65,9 +65,14 @@ static void Mash(const byte *in, size_t inLen, byte *out, size_t outLen, int ite template static void GenerateKeyIV(const byte *passphrase, size_t passphraseLength, const byte *salt, size_t saltLength, unsigned int iterations, byte *key, byte *IV) { + // UBsan. User supplied params, may be NULL SecByteBlock temp(passphraseLength+saltLength); - memcpy(temp, passphrase, passphraseLength); - memcpy(temp+passphraseLength, salt, saltLength); + if (passphrase != NULLPTR) + memcpy(temp, passphrase, passphraseLength); + if (salt != NULLPTR) + memcpy(temp+passphraseLength, salt, saltLength); + + // OK. Derived params, cannot be NULL SecByteBlock keyIV(Info::KEYLENGTH+Info::BLOCKSIZE); Mash(temp, passphraseLength + saltLength, keyIV, Info::KEYLENGTH+Info::BLOCKSIZE, iterations); memcpy(key, keyIV, Info::KEYLENGTH);