Coverity warning about code in smult_curve25519_ref.c
Andrew Worsley
amworsley at gmail.com
Mon Aug 20 12:12:59 AEST 2018
Hi can some one point me to someone who understands how the following
code in smult_curve25519_ref.c
square() is *NOT* a buffer overrun.
I understand that it is called from places with 64 entry arrays but still
unsigned int c1[64];
....
square(r,c1 + 32); - where c1 is a 64 entry array sounds dangerous.
Where:
static void square(unsigned int out[32],const unsigned int a[32])
{
unsigned int i;
unsigned int j;
unsigned int u;
for (i = 0;i < 32;++i) {
u = 0;
for (j = 0;j < i - j;++j) u += a[j] * a[i - j];
for (j = i + 1;j < i + 32 - j;++j) u += 38 * a[j] * a[i + 32 - j];
u *= 2;
if ((i & 1) == 0) {
u += a[i / 2] * a[i / 2];
u += 38 * a[i / 2 + 16] * a[i / 2 + 16];
}
out[i] = u;
}
squeeze(out);
}
Even if this code is valid - would it not be wise to ask someone to
revise it to be more transparent and easily verifiable?
Thanks
Andrew
More information about the openssh-unix-dev
mailing list