Skip to content

crypto: fix UB in computing max message size#21462

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
bnoordhuis wants to merge 0 commits into from
Closed

crypto: fix UB in computing max message size #21462

bnoordhuis wants to merge 0 commits into from

Conversation

@bnoordhuis
Copy link
Member

@bnoordhuisbnoordhuis commented Jun 22, 2018

Before this commit it computed (1<<(8*(15-iv_len)))-1 for iv_len>=11
and that reduces to (1<<32)-1 for iv_len==11. Left-shifting past
the sign bit and overflowing a signed integral type are both undefined
behaviors.

This commit switches to fixed values and restricts the iv_len==11
case to INT_MAX, as was already the case for all iv_len<=10.

@bnoordhuisbnoordhuis requested a review from tniessenJune 22, 2018 11:11
@nodejs-github-bot
Copy link
Collaborator

nodejs-github-bot commented Jun 22, 2018

@bnoordhuis build started: https://ci.nodejs.org/blue/organizations/jenkins/node-test-pull-request-lite-pipeline/detail/node-test-pull-request-lite-pipeline/120/pipeline

@nodejs-github-botnodejs-github-bot added c++ Issues and PRs that require attention from people who are familiar with C++. crypto Issues and PRs related to the crypto subsystem. labels Jun 22, 2018
@bnoordhuisbnoordhuis mentioned this pull request Jun 25, 2018
Closed
4 tasks
@bnoordhuisbnoordhuisforce-pushed the fix-crypto-auth-iv-ub branch from 6bdf825 to 19fe529CompareJune 25, 2018 21:46
bnoordhuis added a commit to bnoordhuis/io.js that referenced this pull request Jun 25, 2018
@bnoordhuis
crypto: fix UB in computing max message size
19fe529
Before this commit it computed `(1<<(8*(15-iv_len)))-1` for `iv_len>=11` and that reduces to `(1<<32)-1` for `iv_len==11`. Left-shifting past the sign bit and overflowing a signed integral type are both undefined behaviors. This commit switches to fixed values and restricts the `iv_len==11` case to `INT_MAX`, as was already the case for all `iv_len<=10`. PR-URL: nodejs#21462 Reviewed-By: Colin Ihrig <[email protected]> Reviewed-By: James M Snell <[email protected]> Reviewed-By: Tobias Nießen <[email protected]>
@bnoordhuisbnoordhuis deleted the fix-crypto-auth-iv-ub branch June 25, 2018 21:46
@bnoordhuis
Copy link
MemberAuthor

bnoordhuis commented Jun 25, 2018

Landed in 19fe529.

targos pushed a commit that referenced this pull request Jun 26, 2018
@bnoordhuis@targos
crypto: fix UB in computing max message size
45a8376
Before this commit it computed `(1<<(8*(15-iv_len)))-1` for `iv_len>=11` and that reduces to `(1<<32)-1` for `iv_len==11`. Left-shifting past the sign bit and overflowing a signed integral type are both undefined behaviors. This commit switches to fixed values and restricts the `iv_len==11` case to `INT_MAX`, as was already the case for all `iv_len<=10`. PR-URL: #21462 Reviewed-By: Colin Ihrig <[email protected]> Reviewed-By: James M Snell <[email protected]> Reviewed-By: Tobias Nießen <[email protected]>
@targostargos mentioned this pull request Jul 3, 2018
Merged
Sign up for freeto join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jasnelljasnelljasnell approved these changes

@cjihrigcjihrigcjihrig approved these changes

@tniessentniessentniessen approved these changes

Assignees

No one assigned

Labels

c++Issues and PRs that require attention from people who are familiar with C++.cryptoIssues and PRs related to the crypto subsystem.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@bnoordhuis@nodejs-github-bot@jasnell@cjihrig@tniessen