On Tuesday, November 17, 2015 at 4:38:44 AM UTC-5, Jeffrey Walton wrote:
>
>
> My question is, how can we craft a test case to tickle that finding?
>>
>> I've looked at the issue and my conclusion is that the system is making a
>> mistake (may be wrong though).
>>
>> It assumes that t1 may get up to 63 in step 27, it then goes through a
>> standard-for-loop, noticing that j=0 < 1 = 64 - 63 in step 28 and 29,
>> meaning we get back to the start of the loop (step 30) but now we increment
>> to j=1 (step 31) and check if j = 1 < 1 = 64 - 63 (step 32), which is
>> obviously false, so t1 + j couldn't get 63 + 1 (which results in undefined
>> behavior) but only 63 + 0 (which is allowed).
>>
> OK, thanks. I'm still not clear on it. It's not your analysis, my analysis
> or Coverity's analysis... It's simply erring on the side of caution.
>
> Here's what we are interested in:
>
> for (unsigned int j=0; j<WORD_BITS-t1; j++)
> temp ^= ((temp >> j) & 1) << (t1 + j);
>
> temp ^= ((temp >> j) & 1) << (t1 + j) reduces to:
>
> x << (t1 + j);
>
> Here's the equality we are interested in:
>
> (t1 + j) < WORD_BITS-t1
>
> And it must be less than WORD_BITS. So we should be able to assert on:
>
> 2 * t1 + j < WORD_BITS
>
> Does that sound about right?
>
This assert fires:

EC2N validation suite running...
Assertion failed: (2*t1+j < WORD_BITS), function MultiplicativeInverse,
file gf2n.cpp, line 720.
Abort trap: 6

We have to get to the bottom of this so we can clear the finding. I can't
let Dr. Gutmann's Cryptlib exceed us
(http://scan.coverity.com/projects/cryptlib).

Dr. Gutmann is a good guy. He writes some of the tightest, cleanest code
I have seen. He also writes self-debugging code, which is rare in the open
source world. It probably explains why his defect rate is so low: his code
alerts him of problems, so he does not have to waste time tracking problems
down.

Jeff
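
The loop bounds discussed in this thread can be enumerated directly. The following is an added example, not code from the thread or from Crypto++: it walks every t1 below WORD_BITS and compares the shift count t1 + j against both conditions mentioned above. It assumes 64-bit words (per the "64 - 63" arithmetic quoted above) and t1 < WORD_BITS; ShiftReport, CheckShiftBounds and ApplyLoop are hypothetical names.

```cpp
#include <cstdint>
#include <cstdio>

// Assumption: 64-bit words, matching the "64 - 63" arithmetic in the thread.
static const unsigned int WORD_BITS = 64;

struct ShiftReport {
    unsigned int maxShift;    // largest (t1 + j) any iteration uses
    bool shiftInRange;        // (t1 + j) < WORD_BITS on every iteration
    bool strongerHolds;       // 2*t1 + j < WORD_BITS on every iteration
    unsigned int badT1, badJ; // first iteration where the stronger check fails
};

// Hypothetical helper: enumerate the loop bounds for every t1 in [0, WORD_BITS).
ShiftReport CheckShiftBounds()
{
    ShiftReport r = {0, true, true, 0, 0};
    for (unsigned int t1 = 0; t1 < WORD_BITS; t1++) {
        for (unsigned int j = 0; j < WORD_BITS - t1; j++) {
            const unsigned int shift = t1 + j;
            if (shift > r.maxShift) r.maxShift = shift;
            if (shift >= WORD_BITS) r.shiftInRange = false;
            if (r.strongerHolds && 2 * t1 + j >= WORD_BITS) {
                r.strongerHolds = false;
                r.badT1 = t1;
                r.badJ = j;
            }
        }
    }
    return r;
}

// The loop from the thread, applied to a caller-supplied 64-bit value.
uint64_t ApplyLoop(uint64_t temp, unsigned int t1)
{
    for (unsigned int j = 0; j < WORD_BITS - t1; j++)
        temp ^= ((temp >> j) & 1) << (t1 + j);
    return temp;
}

int main()
{
    const ShiftReport r = CheckShiftBounds();
    std::printf("max shift %u, in range %d\n", r.maxShift, r.shiftInRange);
    std::printf("stronger check first fails at t1=%u j=%u\n", r.badT1, r.badJ);
    std::printf("ApplyLoop(1, 63) = %#llx\n", (unsigned long long)ApplyLoop(1, 63));
    return 0;
}
```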
--
You received this message because you are subscribed to the "Crypto++ Users"
Google Group.
To unsubscribe, send an email to [email protected].
More information about Crypto++ and this group is available at
http://www.cryptopp.com.