[Cryptech-Commits] [sw/libhal] branch master updated: Unconditionally set the allocated flag when initializing a hash state structure.

git at cryptech.is git at cryptech.is
Tue Aug 22 17:29:37 UTC 2017


This is an automated email from the git hooks/post-receive script.

paul at psgd.org pushed a commit to branch master
in repository sw/libhal.

The following commit(s) were added to refs/heads/master by this push:
     new 6363630  Unconditionally set the allocated flag when initializing a hash state structure.
6363630 is described below

commit 63636301593c8a3952afae61c1b5f279c27f69ea
Author: Paul Selkirk <paul at psgd.org>
AuthorDate: Mon Jul 31 23:06:33 2017 -0400

    Unconditionally set the allocated flag when initializing a hash state
    structure.
    
    When running multiple concurrent unit tests, I observed multiple failures
    in the hmac tests, which I ultimately tracked down to different clients
    sharing the same hal_hmac_state struct.
    
    hal_hash_initialize is called twice in hal_hmac_initialize (once to get
    the state structure, then again if the supplied key is too long), and is
    called in hal_hmac_finalize, to hash the digest with the supplied key. In
    these subsequent cases, the caller supplies the state structure, which
    hal_hash_initialize zeroes, but it doesn't set the allocated flag. This
    marks an in-use struct as available, so it gets reassigned and
    reinitialized, and Bad Things Happen for both clients that are trying to
    use it.
---
 hash.c | 8 +-------
 1 file changed, 1 insertion(+), 7 deletions(-)

diff --git a/hash.c b/hash.c
index 2c745a8..fa30b60 100644
--- a/hash.c
+++ b/hash.c
@@ -443,10 +443,7 @@ hal_error_t hal_hash_initialize(hal_core_t *core,
   state->descriptor = descriptor;
   state->driver = driver;
   state->core = core;
-  state->flags = flags;
-
-  if (state_buffer == NULL)
-    state->flags |= STATE_FLAG_STATE_ALLOCATED;
+  state->flags = flags | STATE_FLAG_STATE_ALLOCATED;
 
   *state_ = state;
 
@@ -777,9 +774,6 @@ hal_error_t hal_hmac_initialize(hal_core_t *core,
                                  sizeof(state->hash_state))) != HAL_OK)
     goto fail;
 
-  if (state_buffer == NULL)
-    h->flags |= STATE_FLAG_STATE_ALLOCATED;
-
   /*
    * If the supplied HMAC key is longer than the hash block length, we
    * need to hash the supplied HMAC key to get the real HMAC key.

-- 
To stop receiving notification emails like this one, please contact
the administrator of this repository.


More information about the Commits mailing list