authorSimon Warta <[email protected]>2015-06-30 10:38:52 +0200
committerSimon Warta <[email protected]>2015-06-30 10:38:52 +0200
commitabe4c5c8d9b88aafa6f8b745f9100d4dbd754e20 (patch)
tree295eafb79cab7843888133abbad07fb983915520 /src/lib
parentb90187419f64b6d38d19c888985d58f902336677 (diff)
parent1de5fc1419add86884df97580d7a2e745ad43bff (diff)
Merge pull request #154 from webmaster128/bounds-fixes
Remaining fixes before Botan runs fine in debug mode
Diffstat (limited to 'src/lib')
-rw-r--r--src/lib/alloc/secmem.h25
-rw-r--r--src/lib/asn1/ber_dec.cpp4
-rw-r--r--src/lib/block/serpent/serpent.cpp2
-rw-r--r--src/lib/mac/poly1305/poly1305.cpp6
-rw-r--r--src/lib/math/bigint/bigint.h6
-rw-r--r--src/lib/modes/cfb/cfb.cpp10
-rw-r--r--src/lib/pubkey/mceies/mceies.cpp6
-rw-r--r--src/lib/tls/msg_certificate.cpp4
-rw-r--r--src/lib/tls/tls_handshake_io.cpp10
-rw-r--r--src/lib/tls/tls_record.cpp4
10 files changed, 56 insertions, 21 deletions
diff --git a/src/lib/alloc/secmem.h b/src/lib/alloc/secmem.h
index b583aa812..98707ad4e 100644
--- a/src/lib/alloc/secmem.h
+++ b/src/lib/alloc/secmem.h
@@ -108,7 +108,10 @@ size_t buffer_insert(std::vector<T, Alloc>& buf,
size_t input_length)
{
const size_t to_copy = std::min(input_length, buf.size() - buf_offset);
- copy_mem(&buf[buf_offset], input, to_copy);
+ if (to_copy > 0)
+ {
+ copy_mem(&buf[buf_offset], input, to_copy);
+ }
return to_copy;
}
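Review bot: The new `to_copy > 0` guard in buffer_insert does not cover `buf_offset > buf.size()`. If buf_offset is unsigned, as the size_t arithmetic suggests, `buf.size() - buf_offset` wraps, `std::min` returns `input_length`, and the copy writes past the end of buf. Stating the precondition before the subtraction would catch this, for example `BOTAN_ASSERT(buf_offset <= buf.size(), "Offset is within buffer");`, assuming that macro is available in this header. The same applies to the vector overload in the next hunk. The function signature starts outside this hunk, so the parameter types are inferred.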
@@ -118,7 +121,10 @@ size_t buffer_insert(std::vector<T, Alloc>& buf,
const std::vector<T, Alloc2>& input)
{
const size_t to_copy = std::min(input.size(), buf.size() - buf_offset);
- copy_mem(&buf[buf_offset], input.data(), to_copy);
+ if (to_copy > 0)
+ {
+ copy_mem(&buf[buf_offset], input.data(), to_copy);
+ }
return to_copy;
}
@@ -129,7 +135,10 @@ operator+=(std::vector<T, Alloc>& out,
{
const size_t copy_offset = out.size();
out.resize(out.size() + in.size());
- copy_mem(&out[copy_offset], in.data(), in.size());
+ if (in.size() > 0)
+ {
+ copy_mem(&out[copy_offset], in.data(), in.size());
+ }
return out;
}
@@ -146,7 +155,10 @@ std::vector<T, Alloc>& operator+=(std::vector<T, Alloc>& out,
{
const size_t copy_offset = out.size();
out.resize(out.size() + in.second);
- copy_mem(&out[copy_offset], in.first, in.second);
+ if (in.second > 0)
+ {
+ copy_mem(&out[copy_offset], in.first, in.second);
+ }
return out;
}
@@ -156,7 +168,10 @@ std::vector<T, Alloc>& operator+=(std::vector<T, Alloc>& out,
{
const size_t copy_offset = out.size();
out.resize(out.size() + in.second);
- copy_mem(&out[copy_offset], in.first, in.second);
+ if (in.second > 0)
+ {
+ copy_mem(&out[copy_offset], in.first, in.second);
+ }
return out;
}
diff --git a/src/lib/asn1/ber_dec.cpp b/src/lib/asn1/ber_dec.cpp
index e9133d50f..06543d9e7 100644
--- a/src/lib/asn1/ber_dec.cpp
+++ b/src/lib/asn1/ber_dec.cpp
@@ -220,7 +220,7 @@ BER_Object BER_Decoder::get_next_object()
size_t length = decode_length(source);
next.value.resize(length);
- if(source->read(&next.value[0], length) != length)
+ if(source->read(next.value.data(), length) != length)
throw BER_Decoding_Error("Value truncated");
if(next.type_tag == EOC && next.class_tag == UNIVERSAL)
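Review bot: `next.value.resize(length)` allocates whatever length the encoding declares before anything confirms the source holds that many bytes. A short input with a large length field therefore costs a large allocation before "Value truncated" is thrown. Unless decode_length already bounds the value (its body is not visible here), the length should be checked against the bytes remaining in the source before resizing, or the value read in bounded chunks. Either way, a comment on this line noting that `length` is attacker-controlled for untrusted input would help the next reader. get_next_object starts and continues outside this hunk.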
@@ -254,7 +254,7 @@ BER_Decoder BER_Decoder::start_cons(ASN1_Tag type_tag,
BER_Object obj = get_next_object();
obj.assert_is_a(type_tag, ASN1_Tag(class_tag | CONSTRUCTED));
- BER_Decoder result(&obj.value[0], obj.value.size());
+ BER_Decoder result(obj.value.data(), obj.value.size());
result.parent = this;
return result;
}
diff --git a/src/lib/block/serpent/serpent.cpp b/src/lib/block/serpent/serpent.cpp
index 0fd76ce8f..b809e602c 100644
--- a/src/lib/block/serpent/serpent.cpp
+++ b/src/lib/block/serpent/serpent.cpp
@@ -195,7 +195,7 @@ void Serpent::key_schedule(const byte key[], size_t length)
SBoxE6(W[128],W[129],W[130],W[131]); SBoxE5(W[132],W[133],W[134],W[135]);
SBoxE4(W[136],W[137],W[138],W[139]);
- round_key.assign(&W[8], &W[140]);
+ round_key.assign(W.begin() + 8, W.end());
}
void Serpent::clear()
diff --git a/src/lib/mac/poly1305/poly1305.cpp b/src/lib/mac/poly1305/poly1305.cpp
index 545a749fa..506150b0f 100644
--- a/src/lib/mac/poly1305/poly1305.cpp
+++ b/src/lib/mac/poly1305/poly1305.cpp
@@ -190,7 +190,11 @@ void Poly1305::final_result(byte out[])
if(m_buf_pos != 0)
{
m_buf[m_buf_pos] = 1;
- clear_mem(&m_buf[m_buf_pos+1], m_buf.size() - m_buf_pos - 1);
+ const auto len = m_buf.size() - m_buf_pos - 1;
+ if (len > 0)
+ {
+ clear_mem(&m_buf[m_buf_pos+1], len);
+ }
poly1305_blocks(m_poly, m_buf.data(), 1, true);
}
diff --git a/src/lib/math/bigint/bigint.h b/src/lib/math/bigint/bigint.h
index 3f329c451..fed986882 100644
--- a/src/lib/math/bigint/bigint.h
+++ b/src/lib/math/bigint/bigint.h
@@ -278,7 +278,11 @@ class BOTAN_DLL BigInt
if(top_word < size())
{
- clear_mem(&m_reg[top_word+1], size() - (top_word + 1));
+ const auto len = size() - (top_word + 1);
+ if (len > 0)
+ {
+ clear_mem(&m_reg[top_word+1], len);
+ }
m_reg[top_word] &= mask;
}
}
diff --git a/src/lib/modes/cfb/cfb.cpp b/src/lib/modes/cfb/cfb.cpp
index 7e4048a2b..e98d10cb3 100644
--- a/src/lib/modes/cfb/cfb.cpp
+++ b/src/lib/modes/cfb/cfb.cpp
@@ -100,7 +100,10 @@ void CFB_Encryption::update(secure_vector<byte>& buffer, size_t offset)
xor_buf(buf, &keystream_buf()[0], took);
// Assumes feedback-sized block except for last input
- copy_mem(state.data(), &state[shift], BS - shift);
+ if (BS - shift > 0)
+ {
+ copy_mem(state.data(), &state[shift], BS - shift);
+ }
copy_mem(&state[BS-shift], buf, took);
cipher().encrypt(state, keystream_buf());
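Review bot: The guard `if (BS - shift > 0)` on the shift-register copy is an unsigned comparison if BS and shift are size_t (their declarations are outside the hunk). It is then true for every `shift != BS`, including `shift > BS`, where the difference wraps to a huge count. Writing it as `if (shift < BS)` states the intended condition and cannot wrap. The same line in the CFB_Decryption::update hunk should change with it. The following `copy_mem(&state[BS-shift], buf, took)` relies on the same relation between shift and BS, so a short comment naming that invariant would be useful.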
@@ -130,7 +133,10 @@ void CFB_Decryption::update(secure_vector<byte>& buffer, size_t offset)
const size_t took = std::min(shift, sz);
// first update shift register with ciphertext
- copy_mem(state.data(), &state[shift], BS - shift);
+ if (BS - shift > 0)
+ {
+ copy_mem(state.data(), &state[shift], BS - shift);
+ }
copy_mem(&state[BS-shift], buf, took);
// then decrypt
diff --git a/src/lib/pubkey/mceies/mceies.cpp b/src/lib/pubkey/mceies/mceies.cpp
index 6b013c250..9e9ae1cb8 100644
--- a/src/lib/pubkey/mceies/mceies.cpp
+++ b/src/lib/pubkey/mceies/mceies.cpp
@@ -58,8 +58,8 @@ mceies_encrypt(const McEliece_PublicKey& pubkey,
secure_vector<byte> msg(mce_ciphertext.size() + nonce.size() + pt.size());
copy_mem(msg.data(), mce_ciphertext.data(), mce_ciphertext.size());
- copy_mem(&msg[mce_ciphertext.size()], nonce.data(), nonce.size());
- copy_mem(&msg[mce_ciphertext.size() + nonce.size()], pt.data(), pt.size());
+ copy_mem(msg.data() + mce_ciphertext.size(), nonce.data(), nonce.size());
+ copy_mem(msg.data() + mce_ciphertext.size() + nonce.size(), pt.data(), pt.size());
aead->start(nonce);
aead->finish(msg, mce_ciphertext.size() + nonce.size());
@@ -91,7 +91,7 @@ mceies_decrypt(const McEliece_PrivateKey& privkey,
aead->set_key(aead_key(mce_key, *aead));
aead->set_associated_data(ad, ad_len);
- secure_vector<byte> pt(&ct[mce_code_bytes + nonce_len], &ct[ct.size()]);
+ secure_vector<byte> pt(ct.begin() + mce_code_bytes + nonce_len, ct.end());
aead->start(&ct[mce_code_bytes], nonce_len);
aead->finish(pt, 0);
diff --git a/src/lib/tls/msg_certificate.cpp b/src/lib/tls/msg_certificate.cpp
index 99722c306..f0ccc5328 100644
--- a/src/lib/tls/msg_certificate.cpp
+++ b/src/lib/tls/msg_certificate.cpp
@@ -41,9 +41,9 @@ Certificate::Certificate(const std::vector<byte>& buf)
if(total_size != buf.size() - 3)
throw Decoding_Error("Certificate: Message malformed");
- const byte* certs = &buf[3];
+ const byte* certs = buf.data() + 3;
- while(size_t remaining_bytes = &buf[buf.size()] - certs)
+ while(size_t remaining_bytes = buf.data() + buf.size() - certs)
{
if(remaining_bytes < 3)
throw Decoding_Error("Certificate: Message malformed");
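Review bot: The rewritten loop condition `buf.data() + buf.size() - certs` still converts a pointer difference (ptrdiff_t) to size_t implicitly. If `certs` were ever advanced past the end of buf, remaining_bytes would wrap to a very large value instead of ending the loop. The loop body lies outside this hunk, so its per-certificate length checks may already rule that out. Computing the end pointer once, `const byte* end = buf.data() + buf.size();`, and making the conversion explicit with `static_cast<size_t>(end - certs)` would make the bound easier to audit. The `buf.size() - 3` comparison above also assumes an earlier check that buf holds at least 3 bytes, which is not visible here.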
diff --git a/src/lib/tls/tls_handshake_io.cpp b/src/lib/tls/tls_handshake_io.cpp
index d4633becd..6286eab08 100644
--- a/src/lib/tls/tls_handshake_io.cpp
+++ b/src/lib/tls/tls_handshake_io.cpp
@@ -95,7 +95,10 @@ Stream_Handshake_IO::format(const std::vector<byte>& msg,
store_be24(&send_buf[1], buf_size);
- copy_mem(&send_buf[4], msg.data(), msg.size());
+ if (msg.size() > 0)
+ {
+ copy_mem(&send_buf[4], msg.data(), msg.size());
+ }
return send_buf;
}
@@ -350,7 +353,10 @@ Datagram_Handshake_IO::format_fragment(const byte fragment[],
store_be24(&send_buf[6], frag_offset);
store_be24(&send_buf[9], frag_len);
- copy_mem(&send_buf[12], fragment, frag_len);
+ if (frag_len > 0)
+ {
+ copy_mem(&send_buf[12], fragment, frag_len);
+ }
return send_buf;
}
diff --git a/src/lib/tls/tls_record.cpp b/src/lib/tls/tls_record.cpp
index c384611e9..3ba02f039 100644
--- a/src/lib/tls/tls_record.cpp
+++ b/src/lib/tls/tls_record.cpp
@@ -491,7 +491,7 @@ size_t read_tls_record(secure_vector<byte>& readbuf,
if(epoch == 0) // Unencrypted initial handshake
{
- record.assign(&readbuf[TLS_HEADER_SIZE], &readbuf[TLS_HEADER_SIZE + record_len]);
+ record.assign(readbuf.begin() + TLS_HEADER_SIZE, readbuf.begin() + TLS_HEADER_SIZE + record_len);
readbuf.clear();
return 0; // got a full record
}
@@ -578,7 +578,7 @@ size_t read_dtls_record(secure_vector<byte>& readbuf,
if(epoch == 0) // Unencrypted initial handshake
{
- record.assign(&readbuf[DTLS_HEADER_SIZE], &readbuf[DTLS_HEADER_SIZE + record_len]);
+ record.assign(readbuf.begin() + DTLS_HEADER_SIZE, readbuf.begin() + DTLS_HEADER_SIZE + record_len);
readbuf.clear();
return 0; // got a full record
}