Hello,

On 27/09/2025 10:54, Jussi Kivilinna wrote:
* cipher/mceliece6688128f-patches: New.
* cipher/mceliece6688128f.sh: Apply patches from 'cipher/mceliece6688128f-patches/*'.
--

I had to drop this commit with patch files as the git server rejects this with:

remote: cipher/mceliece6688128f-patches/0001-mceliece6688128f-fix-UBSAN-runtime-errors.patch:40: trailing whitespace.
remote: +
remote: cipher/mceliece6688128f-patches/0001-mceliece6688128f-fix-UBSAN-runtime-errors.patch:44: trailing whitespace.
remote: +
remote: cipher/mceliece6688128f-patches/0001-mceliece6688128f-fix-UBSAN-runtime-errors.patch:49: trailing whitespace.
remote: +
<...snip...>
remote: error: hook declined to update refs/heads/master

Should I anyway try to wrestle this change into the repo? These patch files could be packaged into a tar.gz, for example.

-Jussi
Signed-off-by: Jussi Kivilinna <[email protected]> --- ...ece6688128f-fix-UBSAN-runtime-errors.patch | 135 +++++++++++++ ...-harden-mask-generation-against-bran.patch | 179 ++++++++++++++++++ ...-use-const-time-helper-for-memory-co.patch | 36 ++++ ...-fix-stack-overflow-crash-on-win64-w.patch | 71 +++++++ cipher/mceliece6688128f.sh | 19 ++ 5 files changed, 440 insertions(+) create mode 100644 cipher/mceliece6688128f-patches/0001-mceliece6688128f-fix-UBSAN-runtime-errors.patch create mode 100644 cipher/mceliece6688128f-patches/0002-mceliece6688128f-harden-mask-generation-against-bran.patch create mode 100644 cipher/mceliece6688128f-patches/0003-mceliece6688128f-use-const-time-helper-for-memory-co.patch create mode 100644 cipher/mceliece6688128f-patches/0004-mceliece6688128f-fix-stack-overflow-crash-on-win64-w.patch diff --git a/cipher/mceliece6688128f-patches/0001-mceliece6688128f-fix-UBSAN-runtime-errors.patch b/cipher/mceliece6688128f-patches/0001-mceliece6688128f-fix-UBSAN-runtime-errors.patch new file mode 100644 index 00000000..581da04c --- /dev/null +++ b/cipher/mceliece6688128f-patches/0001-mceliece6688128f-fix-UBSAN-runtime-errors.patch 
@@ -0,0 +1,135 @@ +From a786e3b6bf8cdc29aaa209b6528cf9b455677e1a Mon Sep 17 00:00:00 2001 +From: Jussi Kivilinna <[email protected]> +Date: Mon, 22 Sep 2025 08:34:50 +0300 +Subject: [PATCH] mceliece6688128f: fix UBSAN runtime errors + +* cipher/mceliece6688128f.c (cbrecursion): Fix left shift of signed integer +by too many places, by casting to unsigned integer before shift. +(syndrome): Fix misaligned memory loads by using 'bufhelp.h'. +-- + +There was multiple undefined behaviour sanitizer warnings with mceliece668128f +which have been fixed by this commit: + + $ tests/t-kem + ../../cipher/mceliece6688128f.c:1766:37: runtime error: left shift of 73010 by 16 places cannot be represented in type 'int' + ../../cipher/mceliece6688128f.c:1769:37: runtime error: left shift of 71034 by 16 places cannot be represented in type 'int' + ../../cipher/mceliece6688128f.c:1792:39: runtime error: left shift of 72996 by 16 places cannot be represented in type 'int' + ../../cipher/mceliece6688128f.c:1800:41: runtime error: left shift of 71344 by 16 places cannot be represented in type 'int' + ../../cipher/mceliece6688128f.c:1807:43: runtime error: left shift of 68334 by 16 places cannot be represented in type 'int' + ../../cipher/mceliece6688128f.c:1834:23: runtime error: left shift of 72247 by 16 places cannot be represented in type 'int' + ../../cipher/mceliece6688128f.c:1833:19: runtime error: left shift of 136871 by 16 places cannot be represented in type 'int' + ../../cipher/mceliece6688128f.c:1781:41: runtime error: left shift of 66551 by 20 places cannot be represented in type 'int' + ../../cipher/mceliece6688128f.c:2261:15: runtime error: load of misaligned address 0x7ffd13d3ad84 for type 'const uint64_t', which requires 8 byte alignment + 0x7ffd13d3ad84: note: pointer points here + d8 7f e7 3c 61 1d b1 60 68 9b ff 4e 95 da 54 31 4b ca b9 7f e2 3b 06 a5 51 e3 7f 74 14 99 81 44 + ^ +t-kem: 70 tests done + +Signed-off-by: Jussi Kivilinna <[email protected]> +--- + 
cipher/mceliece6688128f.c | 27 ++++++++++++++------------- + 1 file changed, 14 insertions(+), 13 deletions(-) + +diff --git a/cipher/mceliece6688128f.c b/cipher/mceliece6688128f.c +index 6ad3eecb..ca1952b5 100644 +--- a/cipher/mceliece6688128f.c ++++ b/cipher/mceliece6688128f.c +@@ -131,6 +131,7 @@ + #endif + + #include "g10lib.h" ++#include "bufhelp.h" + #include "mceliece6688128f.h" + + static void +@@ -1763,10 +1764,10 @@ static void cbrecursion(unsigned char *out,long long pos,long long step,const in + } + /* B = (p<<16)+c */ + +- for (x = 0;x < n;++x) A[x] = (A[x]<<16)|x; /* A = (pibar<<16)+id */ ++ for (x = 0;x < n;++x) A[x] = ((u32)A[x]<<16)|x; /* A = (pibar<<16)+id */ + int32_sort(A,n); /* A = (id<<16)+pibar^-1 */ + +- for (x = 0;x < n;++x) A[x] = (A[x]<<16)+(B[x]>>16); /* A = (pibar^(-1)<<16)+pibar */ ++ for (x = 0;x < n;++x) A[x] = ((u32)A[x]<<16)+(B[x]>>16); /* A = (pibar^(-1)<<16)+pibar */ + int32_sort(A,n); /* A = (id<<16)+pibar^2 */ +
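Review bot: The blank context lines of the embedded diff, for example the one between '#endif' and '#include "g10lib.h"' in the '@@ -131,6 +131,7 @@' hunk, are stored in the new .patch file as a single space, and those are lines 40, 44 and 49 that the server hook reports as trailing whitespace. That space is part of the unified-diff syntax rather than a style slip, so every patch file added under cipher/mceliece6688128f-patches/ will trip the same check. Rather than editing the patch files, consider exempting that directory from the whitespace check (for instance with a '-whitespace' attribute for 'cipher/mceliece6688128f-patches/*.patch' in .gitattributes, assuming the hook honours git attributes), or use the tar.gz packaging proposed in the mail.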
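Review bot: The commit message embedded in 0001-mceliece6688128f-fix-UBSAN-runtime-errors.patch misspells the algorithm name as 'mceliece668128f' in the sentence 'There was multiple undefined behaviour sanitizer warnings with mceliece668128f', while the subject, ChangeLog entry and file names all use 'mceliece6688128f'. A search for the file name will miss this text, so correct the spelling, and change 'There was multiple' to 'There were multiple' while touching the line.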
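Review bot: In the '@@ -1763,10 +1764,10 @@' hunk of cbrecursion, '((u32)A[x]<<16)|x' and '((u32)A[x]<<16)+(B[x]>>16)' make the shift itself well defined, but the unsigned result is assigned straight back to A[x], whose shifted operand UBSAN reports as type 'int', so any result with bit 31 set is converted back to a signed value in an implementation-defined way. The operands in the log (73010, 71034, 136871, ...) are all wider than 16 bits, which means the shift is relied on to discard the high bits. Please add a short comment next to the casts saying that the truncation and the wrap back into the signed element are intended, so that a later cleanup does not widen the type or drop the cast.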
_______________________________________________ Gcrypt-devel mailing list [email protected] https://lists.gnupg.org/mailman/listinfo/gcrypt-devel
