[Forensics-changes] [yara] 144/192: Fix undefined behavior in hash (#642)
Hilko Bengen
bengen at moszumanska.debian.org
Sat Jul 1 10:31:58 UTC 2017
This is an automated email from the git hooks/post-receive script.
bengen pushed a commit to annotated tag v3.6.0
in repository yara.
commit 7fd1330917573bf7074bd366eee0792bbdd8bbcf
Author: Nate Rosenblum <flander at gmail.com>
Date: Thu Apr 20 12:07:52 2017 -0700
Fix undefined behavior in hash (#642)
The previous rotation implementation invoked undefined behavior for
every index in the target string where i % 32 == 0. Found via ASan.
Fixes #641
---
libyara/hash.c | 10 ++++++++--
1 file changed, 8 insertions(+), 2 deletions(-)
diff --git a/libyara/hash.c b/libyara/hash.c
index b515677..776d96c 100644
--- a/libyara/hash.c
+++ b/libyara/hash.c
@@ -35,9 +35,15 @@ SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
#include <yara/mem.h>
#include <yara/error.h>
-#define ROTATE_INT32(x, shift) \
- ((x << (shift % 32)) | (x >> (32 - (shift % 32))))
+// Constant-time left rotate that does not invoke undefined behavior.
+// http://blog.regehr.org/archives/1063
+uint32_t rotl32(uint32_t x, uint32_t shift) {
+ assert(shift < 32);
+ return (x << shift) | (x >> (-shift & 31));
+}
+#define ROTATE_INT32(x, shift) \
+ rotl32(x, shift % 32)
uint32_t byte_to_int32[] =
{
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/forensics/yara.git
More information about the forensics-changes
mailing list