diff options
| author | Keith Randall <khr@golang.org> | 2023-03-30 09:52:39 -0700 |
|---|---|---|
| committer | Gopher Robot <gobot@golang.org> | 2023-04-05 16:51:32 +0000 |
| commit | dcc9bdf38037af6197f3f50968badb1f0db82e10 (patch) | |
| tree | 84e34ee5c4ef1da0b9dd817337a3e55a4ab65a9e | |
| parent | 5c7c20e262bdef14c23bd07950bde94ba335ee63 (diff) | |
| download | go-git-dcc9bdf38037af6197f3f50968badb1f0db82e10.tar.gz | |
[release-branch.go1.20] crypto/subtle: don't cast to *uintptr when word size is 0
Casting to a *uintptr is not ok if there isn't at least 8 bytes of
data backing that pointer (on 64-bit archs).
So although we end up making a slice of 0 length with that pointer,
the cast itself doesn't know that.
Instead, bail early if the result is going to be 0 length.
Fixes #59336
Change-Id: Id3c0e09d341d838835c0382cccfb0f71dc3dc7e6
Reviewed-on: https://go-review.googlesource.com/c/go/+/480575
Run-TryBot: Keith Randall <khr@golang.org>
Reviewed-by: Cherry Mui <cherryyz@google.com>
Reviewed-by: Matthew Dempsky <mdempsky@google.com>
Reviewed-by: Emmanuel Odeke <emmanuel@orijtech.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Bryan Mills <bcmills@google.com>
(cherry picked from commit 297cf6dd31bd99fc4ccda320aa3d4faf290ab278)
Reviewed-on: https://go-review.googlesource.com/c/go/+/481238
Reviewed-by: Keith Randall <khr@google.com>
Auto-Submit: Michael Knyszek <mknyszek@google.com>
Run-TryBot: Michael Knyszek <mknyszek@google.com>
| -rw-r--r-- | src/crypto/subtle/xor_generic.go | 8 | ||||
| -rw-r--r-- | test/fixedbugs/issue59334.go | 18 |
2 files changed, 25 insertions, 1 deletions
diff --git a/src/crypto/subtle/xor_generic.go b/src/crypto/subtle/xor_generic.go index 482fcf9b4b..7dc89e315b 100644 --- a/src/crypto/subtle/xor_generic.go +++ b/src/crypto/subtle/xor_generic.go @@ -46,7 +46,13 @@ func aligned(dst, x, y *byte) bool { // words returns a []uintptr pointing at the same data as x, // with any trailing partial word removed. func words(x []byte) []uintptr { - return unsafe.Slice((*uintptr)(unsafe.Pointer(&x[0])), uintptr(len(x))/wordSize) + n := uintptr(len(x)) / wordSize + if n == 0 { + // Avoid creating a *uintptr that refers to data smaller than a uintptr; + // see issue 59334. + return nil + } + return unsafe.Slice((*uintptr)(unsafe.Pointer(&x[0])), n) } func xorLoop[T byte | uintptr](dst, x, y []T) { diff --git a/test/fixedbugs/issue59334.go b/test/fixedbugs/issue59334.go new file mode 100644 index 0000000000..06c12cf92f --- /dev/null +++ b/test/fixedbugs/issue59334.go @@ -0,0 +1,18 @@ +// run -tags=purego -gcflags=all=-d=checkptr + +// Copyright 2023 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +package main + +import "crypto/subtle" + +func main() { + dst := make([]byte, 5) + src := make([]byte, 5) + for _, n := range []int{1024, 2048} { // just to make the size non-constant + b := make([]byte, n) + subtle.XORBytes(dst, src, b[n-5:]) + } +} |