From 50f99ae802de7258a7313fd2ae4bd320e0154f34 Mon Sep 17 00:00:00 2001 From: Jeffrey Walton Date: Tue, 10 Jul 2018 09:21:52 -0400 Subject: [PATCH] Increase use of ptrdiff_t when performing pointer math --- filters.cpp | 15 ++++++++------- misc.h | 30 ++++++++++++++++++++++++++++++ test.cpp | 12 +++++++++++- 3 files changed, 49 insertions(+), 8 deletions(-) diff --git a/filters.cpp b/filters.cpp index 52cbd345..7303a2a1 100644 --- a/filters.cpp +++ b/filters.cpp @@ -264,7 +264,7 @@ byte *FilterWithBufferedInput::BlockQueue::GetBlock() if (m_size >= m_blockSize) { byte *ptr = m_begin; - if ((m_begin+=m_blockSize) == m_buffer.end()) + if ((m_begin = PtrAdd(m_begin, m_blockSize)) == m_buffer.end()) m_begin = m_buffer; m_size -= m_blockSize; return ptr; @@ -304,7 +304,8 @@ void FilterWithBufferedInput::BlockQueue::Put(const byte *inString, size_t lengt if (!inString || !length) return; CRYPTOPP_ASSERT(m_size + length <= m_buffer.size()); - byte *end = (m_size < size_t(m_buffer.end()-m_begin)) ? m_begin + m_size : m_begin + m_size - m_buffer.size(); + byte *end = (m_size < static_cast(PtrDiff(m_buffer.end(), m_begin)) ? + PtrAdd(m_begin, m_size) : PtrAdd(m_begin, m_size - m_buffer.size())); size_t len = STDMIN(length, size_t(m_buffer.end()-end)); memcpy(end, inString, len); if (len < length) @@ -541,7 +542,7 @@ size_t ArraySink::Put2(const byte *begin, size_t length, int messageEnd, bool bl if (m_buf && begin) { copied = STDMIN(length, SaturatingSubtract(m_size, m_total)); - memmove(m_buf+m_total, begin, copied); + memmove(PtrAdd(m_buf, m_total), begin, copied); } m_total += copied; return length - copied; @@ -550,7 +551,7 @@ size_t ArraySink::Put2(const byte *begin, size_t length, int messageEnd, bool bl byte * ArraySink::CreatePutSpace(size_t &size) { size = SaturatingSubtract(m_size, m_total); - return m_buf + m_total; + return PtrAdd(m_buf, m_total); } void ArraySink::IsolatedInitialize(const NameValuePairs ¶meters) 
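Review bot: In `BlockQueue::Put` (hunk at -304), the wrap-around branch `PtrAdd(m_begin, m_size - m_buffer.size())` computes a `size_t` difference that underflows whenever `m_size` is smaller than the buffer. It only reaches the right address if PtrAdd converts that huge value to a negative signed offset; PtrAdd is not shown here, but the PtrSub visible in the misc.h context casts its offset that way. Stepping backwards directly avoids relying on the conversion: `PtrSub(m_begin, m_buffer.size() - m_size)`, which cannot underflow as long as `m_size` never exceeds the buffer size. The next context line still subtracts raw pointers in `size_t(m_buffer.end()-end)`, so for consistency it could go through `PtrDiff(m_buffer.end(), end)` as well. Put's body continues outside the hunk.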
@@ -571,7 +572,7 @@ size_t ArrayXorSink::Put2(const byte *begin, size_t length, int messageEnd, bool if (m_buf && begin) { copied = STDMIN(length, SaturatingSubtract(m_size, m_total)); - xorbuf(m_buf+m_total, begin, copied); + xorbuf(PtrAdd(m_buf, m_total), begin, copied); } m_total += copied; return length - copied; @@ -726,7 +727,7 @@ void StreamTransformationFilter::LastPut(const byte *inString, size_t length) // Process full blocks m_cipher.ProcessData(space, inString, length); AttachedTransformation()->Put(space, length); - inString += length; + inString = PtrAdd(inString, length); } if (leftOver) @@ -761,7 +762,7 @@ void StreamTransformationFilter::LastPut(const byte *inString, size_t length) size_t blockSize = STDMAX(minLastBlockSize, (size_t)m_mandatoryBlockSize); space = HelpCreatePutSpace(*AttachedTransformation(), DEFAULT_CHANNEL, blockSize); if (inString) {memcpy(space, inString, length);} - memset(space + length, 0, blockSize - length); + memset(PtrAdd(space, length), 0, blockSize - length); size_t used = m_cipher.ProcessLastBlock(space, blockSize, space, blockSize); AttachedTransformation()->Put(space, used); } diff --git a/misc.h b/misc.h index dc75bdef..54648569 100644 --- a/misc.h +++ b/misc.h 
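Review bot: In the padding path of `StreamTransformationFilter::LastPut` (hunk at -761), `memset(PtrAdd(space, length), 0, blockSize - length)` still assumes `length <= blockSize`, and nothing in the hunk establishes that. If it ever fails, the `size_t` subtraction wraps and both the `memcpy` above and this `memset` write past `space`; routing the address through PtrAdd does not change that. I would state the invariant next to the computation, e.g. `CRYPTOPP_ASSERT(length <= blockSize);` right after `blockSize` is assigned. The bound may already be enforced earlier in the function, which starts outside this hunk.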
@@ -386,6 +386,36 @@ inline PTR PtrSub(PTR pointer, OFF offset) return pointer-static_cast(offset); } +/// \brief Determine pointer difference +/// \tparam PTR a pointer type +/// \param pointer1 the first pointer +/// \param pointer2 the second pointer +/// \details PtrByteDiff can be used to squash Clang and GCC +/// UBsan findings for pointer addition and subtraction. +/// pointer1 and pointer2 must point to the same object or +/// array (or one past the end), and yields the number of +/// bytes (not elements) difference. +template +inline uintptr_t PtrByteDiff(const PTR pointer1, const PTR pointer2) +{ + return static_cast(pointer1) - static_cast(pointer2); +} + +/// \brief Determine pointer difference +/// \tparam PTR a pointer type +/// \param pointer1 the first pointer +/// \param pointer2 the second pointer +/// \details PtrDiff can be used to squash Clang and GCC +/// UBsan findings for pointer addition and subtraction. +/// pointer1 and pointer2 must point to the same object or +/// array (or one past the end), and yields the number of +/// elements (not bytes) difference. +template +inline ptrdiff_t PtrDiff(const PTR pointer1, const PTR pointer2) +{ + return static_cast(pointer1 - pointer2); +} + #if (!__STDC_WANT_SECURE_LIB__ && !defined(_MEMORY_S_DEFINED)) || defined(CRYPTOPP_WANT_SECURE_LIB) /// \brief Bounds checking replacement for memcpy() diff --git a/test.cpp b/test.cpp index 816a2114..48db0931 100644 --- a/test.cpp +++ b/test.cpp @@ -119,8 +119,14 @@ void FIPS140_GenerateRandomFiles(); bool Validate(int, bool, const char *); void PrintSeedAndThreads(const std::string& seed); +#define CRYPTOPP_USE_AES_GENERATOR 1 + ANONYMOUS_NAMESPACE_BEGIN +#if (CRYPTOPP_USE_AES_GENERATOR) OFB_Mode::Encryption s_globalRNG; +#else +AutoSeededRandomPool s_globalRNG; +#endif NAMESPACE_END RandomNumberGenerator & GlobalRNG() 
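Review bot: `PtrByteDiff` returns `uintptr_t`, so when `pointer1` is below `pointer2` the result wraps to a very large value instead of going negative, and a caller using it as a length would get a huge size. The doc comment states the same-object requirement but not the ordering; I would add `/// pointer1 must not be less than pointer2; the result is unsigned.` or return `ptrdiff_t` as `PtrDiff` does. The cast target in `static_cast(pointer1)` is not visible on this page; if it is `uintptr_t`, a `static_cast` from a pointer will not compile once the template is instantiated, and `reinterpret_cast` is needed. The comments also say these helpers squash UBsan findings, but `PtrDiff` performs the same `pointer1 - pointer2` that call sites already did, so the doc should say it records intent and does not make arithmetic across different objects defined.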
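Review bot: `CRYPTOPP_USE_AES_GENERATOR` is defined unconditionally to 1 in test.cpp, so the `AutoSeededRandomPool` branch can only be selected by editing the file, and a `-DCRYPTOPP_USE_AES_GENERATOR=0` on the compiler command line would collide with this definition. Wrapping it as `#ifndef CRYPTOPP_USE_AES_GENERATOR` / `# define CRYPTOPP_USE_AES_GENERATOR 1` / `#endif` keeps the default and lets a build choose. A short comment above `s_globalRNG` saying that the AES/OFB generator exists for repeatable test runs would also keep readers from treating `GlobalRNG()` as a key-generation source.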
@@ -151,9 +157,13 @@ int scoped_main(int argc, char *argv[]) std::string seed = IntToString(time(NULLPTR)); seed.resize(16, ' '); - // Fetch the SymmetricCipher interface, not the RandomNumberGenerator interface, to key the underlying cipher + // Fetch the SymmetricCipher interface, not the RandomNumberGenerator + // interface, to key the underlying cipher. If CRYPTOPP_USE_AES_GENERATOR + // is 1 then perform the cast. Otherwise avoid the cast. +#if (CRYPTOPP_USE_AES_GENERATOR) OFB_Mode::Encryption& aesg = dynamic_cast::Encryption&>(GlobalRNG()); aesg.SetKeyWithIV((byte *)seed.data(), 16, (byte *)seed.data()); +#endif std::string command, executableName, macFilename;
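Review bot: With `CRYPTOPP_USE_AES_GENERATOR` set to 0 the `seed` string is still built from `time(NULLPTR)` but is no longer applied to the generator, so a seed the harness prints (a `PrintSeedAndThreads` declaration is visible in the earlier hunk) would not reproduce the run. Either put the seed handling under the same `#if`, or add an `#else` with a comment such as `// AutoSeededRandomPool seeds itself; 'seed' is unused in this configuration`. In the AES branch the 16-byte time string serves as both key and IV, which is acceptable for repeatable tests, but a comment stating that this generator is predictable by design would stop the pattern from being copied into non-test code. scoped_main continues outside the hunk.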