Commit | Line | Data |
---|---|---|
fda2b22e AM |
1 | >From d1d577490c15a0c6862473d7576352a9f18ef811 Mon Sep 17 00:00:00 2001 |
2 | From: Mark Adler <madler@alumni.caltech.edu> | |
3 | Date: Wed, 28 Sep 2016 20:20:25 -0700 | |
4 | Subject: [PATCH] Avoid pre-decrement of pointer in big-endian CRC calculation. | |
5 | ||
6 | There was a small optimization for PowerPCs to pre-increment a | |
7 | pointer when accessing a word, instead of post-incrementing. This | |
8 | required prefacing the loop with a decrement of the pointer, | |
9 | possibly pointing before the object passed. This is not compliant | |
10 | with the C standard, for which decrementing a pointer before its | |
11 | allocated memory is undefined. When tested on a modern PowerPC | |
12 | with a modern compiler, the optimization no longer has any effect. | |
13 | Due to all that, and per the recommendation of a security audit of | |
14 | the zlib code by Trail of Bits and TrustInSoft, in support of the | |
15 | Mozilla Foundation, this "optimization" was removed, in order to | |
16 | avoid the possibility of undefined behavior. | |
17 | --- | |
18 | crc32.c | 4 +--- | |
19 | 1 file changed, 1 insertion(+), 3 deletions(-) | |
20 | ||
21 | diff --git a/zlib/crc32.c b/zlib/crc32.c | |
22 | index 979a7190..05733f4e 100644 | |
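--- a/zlib/crc32.c
+++ b/zlib/crc32.c
@@ -278,7 +278,7 @@ local unsigned long crc32_little(crc, buf, len)
 }
 
 /* ========================================================================= */
-#define DOBIG4 c ^= *++buf4; \
+#define DOBIG4 c ^= *buf4++; \
 c = crc_table[4][c & 0xff] ^ crc_table[5][(c >> 8) & 0xff] ^ \
 crc_table[6][(c >> 16) & 0xff] ^ crc_table[7][c >> 24]
 #define DOBIG32 DOBIG4; DOBIG4; DOBIG4; DOBIG4; DOBIG4; DOBIG4; DOBIG4; DOBIG4
@@ -300,7 +300,6 @@ local unsigned long crc32_big(crc, buf, len)
 }
 
 buf4 = (const z_crc_t FAR *)(const void FAR *)buf;
-buf4--;
 while (len >= 32) {
 DOBIG32;
 len -= 32;
@@ -309,7 +308,6 @@ local unsigned long crc32_big(crc, buf, len)
 DOBIG4;
 len -= 4;
 }
-buf4++;
 buf = (const unsigned char FAR *)buf4;
 
 if (len) do {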
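Review bot: The `DOBIG4` macro now depends on `buf4` never being moved below the start of the caller's buffer, but nothing at the definition records that, so a later micro-optimisation could bring back the pre-increment form and the out-of-bounds pointer with it. I would add a comment directly above the macro, for example `/* post-increment on purpose: buf4 must never point before buf (undefined behavior) */`. Separately, the word loads through `buf4` after `buf4 = (const z_crc_t FAR *)(const void FAR *)buf;` still require `buf` to be suitably aligned for `z_crc_t`. That is presumably established by the loop that closes just above the cast, but `crc32_big` starts and ends outside the hunks shown, so it should be confirmed against the full function.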