Fixes for a few more fsanitize issues. Added alignment for ForceZero. Added word32 aligned acceleration for ForceZeero. Added 'NO_ALIGNED_FORCEZERO' define to allow disabling aligned ForceZero acceleration. We cast the 24 left-shifts to word32 because compiler assumes signed int type, and a runtime value with MSB set results into runtime fsanitize error.

2025-08-01 03:34:39 +02:00 · 2018-05-16 13:27:13 -07:00
parent f021375c4b
commit 52b66edf72
3 changed files with 27 additions and 6 deletions
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -3612,10 +3612,8 @@ int wolfSSL_SetVersion(WOLFSSL* ssl, int version)
 /* Make a work from the front of random hash */
 static INLINE word32 MakeWordFromHash(const byte* hashID)
 {
-    return (((word32)hashID[0] << 24) |
-            ((word32)hashID[1] << 16) |
-            ((word32)hashID[2] <<  8) |
-            ((word32)hashID[3]));
+    return ((word32)hashID[0] << 24) | (hashID[1] << 16) |
+        (hashID[2] <<  8) | hashID[3];
 }

 #endif /* !NO_CERTS || !NO_SESSION_CACHE */
--- a/wolfcrypt/src/misc.c
+++ b/wolfcrypt/src/misc.c
@@ -199,13 +199,36 @@ STATIC INLINE void xorbuf(void* buf, const void* mask, word32 count)
 STATIC INLINE void ForceZero(const void* mem, word32 len)
 {
    volatile byte* z = (volatile byte*)mem;
+
+#ifndef NO_ALIGNED_FORCEZERO
 #if defined(WOLFSSL_X86_64_BUILD) && defined(WORD64_AVAILABLE)
    volatile word64* w;

+    /* align buffer */
+    while (len && ((word64)z % sizeof(word64)) != 0) {
+        *z++ = 0; len--;
+    }
+
+    /* do aligned force zero */
    for (w = (volatile word64*)z; len >= sizeof(*w); len -= sizeof(*w))
        *w++ = 0;
    z = (volatile byte*)w;
+#else
+    volatile word32* w;
+
+    /* align buffer */
+    while (len && ((word32)z % sizeof(word32)) != 0) {
+        *z++ = 0; len--;
+    }
+
+    /* do aligned force zero */
+    for (w = (volatile word32*)z; len >= sizeof(*w); len -= sizeof(*w))
+        *w++ = 0;
+    z = (volatile byte*)w;
 #endif
+#endif /* NO_ALIGNED_FORCEZERO */
+
+    /* do byte by byte force zero */
    while (len--) *z++ = 0;
 }

@@ -292,7 +315,7 @@ STATIC INLINE void ato16(const byte* c, word16* wc_u16)
 /* convert opaque to 32 bit integer */
 STATIC INLINE void ato32(const byte* c, word32* wc_u32)
 {
-    *wc_u32 = (c[0] << 24) | (c[1] << 16) | (c[2] << 8) | c[3];
+    *wc_u32 = ((word32)c[0] << 24) | (c[1] << 16) | (c[2] << 8) | c[3];
 }


--- a/wolfcrypt/src/pwdbased.c
+++ b/wolfcrypt/src/pwdbased.c
@@ -645,7 +645,7 @@ static void scryptROMix(byte* x, byte* v, byte* y, int r, word32 n)
 #endif
 #else
        byte* t = x + (2*r - 1) * 64;
-        j = (t[0] | (t[1] << 8) | (t[2] << 16) | (t[3] << 24)) & (n-1);
+        j = (t[0] | (t[1] << 8) | (t[2] << 16) | ((word32)t[3] << 24)) & (n-1);
 #endif
 #ifdef WORD64_AVAILABLE
        for (k = 0; k < bSz / 8; k++)