Re: Release plan?

2017-11-05 Thread Niels Möller 
Nikos Mavrogiannopoulos  writes:

> The changes seem good and backwards compatible. I haven't tested
> compiling gnutls or running its test suite though.

Let me know when you have been able to do that.

With the ABI and CFB changes now in, I think we're now in the testing
phase before the release. I've updated the NEWS file
(https://git.lysator.liu.se/nettle/nettle/blob/master/NEWS) and the
release plan (http://www.lysator.liu.se/~nisse/nettle/plan.html).

Review of the NEWS file is appreciated. 

Anything else which we should try to get in before release?

Regards,
/Niels

-- 
Niels Möller. PGP-encrypted email is preferred. Keyid 368C6677.
Internet email is subject to wholesale government surveillance.
___
nettle-bugs mailing list
nettle-bugs@lists.lysator.liu.se
http://lists.lysator.liu.se/mailman/listinfo/nettle-bugs

Re: Fix UBSAN issue

2017-11-05 Thread Niels Möller 
Tim Rühsen  writes:

> Nothing with a real impact, just to silence sanitizers.

Can you explain precisely what's undefined behavior in this code ?

> diff --git a/sec-tabselect.c b/sec-tabselect.c
> index e6bf2282..942c4247 100644
> --- a/sec-tabselect.c
> +++ b/sec-tabselect.c
> @@ -55,7 +55,7 @@ sec_tabselect (mp_limb_t *rp, mp_size_t rn,
>mpn_zero (rp, rn);
>for (p = table; p < end; p += rn, k--)
>  {
> -  mp_limb_t mask = - (mp_limb_t) (k == 0);

As far as I understand, this should be perfectly portable C. 

  (k == 0) evaluates to zero or one, with int type. 

This always fits in an mp_limb_t, hence

  (mp_limb_t) (k == 0) evaluates to zero or one, with mp_limb_t type. 

And since mp_limb_t is an *unsigned* type, arithmetic is always well
defined as being performed modulo (ULONG_MAX + 1), including unary
negation. So

  -(mp_limb_t) (k == 0) evaluates to zero or ULONG_MAX.

(Assuming mp_limb_t is unsigned long, which it is an almost anything
except 64-bit windows, where it's instead unsigned long long).

But I may be missing something? These corners of the C language are a
bit subtle.

> +  mp_limb_t mask = (mp_limb_t) -(k == 0);

If the other way isn't broken, I'd prefer to change it like this.
Because then one also has to think about why it produces the intended
sign extension (which it does; it's not the same as (mp_limb_t)
(unsigned) -(k == 0)).

In general, both nettle and GMP depend on well-defined modulo arithmetic
on unsigned types in *lots* of places. Any sanitizer which complains
about that is pretty useless for this code. If your sanitizer complains
by default, please use some option to disable that. And if there's no
such option, please bug report the sanitizer tool.

Best regards,
/Niels

-- 
Niels Möller. PGP-encrypted email is preferred. Keyid 368C6677.
Internet email is subject to wholesale government surveillance.
___
nettle-bugs mailing list
nettle-bugs@lists.lysator.liu.se
http://lists.lysator.liu.se/mailman/listinfo/nettle-bugs