Re: API fixes
ni...@lysator.liu.se (Niels Möller) writes: > ni...@lysator.liu.se (Niels Möller) writes: > >> Applied. I'd expect the gnutls build to fail at the moment, problem not >> yet fixed. > > And it did. Tentative fix now pushed to the branch api-opaque-fix. And it seems to work, see https://gitlab.com/gnutls/nettle/-/jobs/39603054 Regards, /Niels -- Niels Möller. PGP-encrypted email is preferred. Keyid 368C6677. Internet email is subject to wholesale government surveillance. ___ nettle-bugs mailing list nettle-bugs@lists.lysator.liu.se http://lists.lysator.liu.se/mailman/listinfo/nettle-bugs
API fixes (was: Re: Release plan?)
ni...@lysator.liu.se (Niels Möller) writes: > Applied. I'd expect the gnutls build to fail at the moment, problem not > yet fixed. And it did. Tentative fix now pushed to the branch api-opaque-fix. If it works out, we need to update docs (including NEWS), to advertise nettle_get_secp_*. BTW, do people like the naming scheme of getter functions nettle_get_foo() replacing direct references to the data symbol nettle_foo? For foo being "hashes", "aeads", "ciphers", "armors", "secp_192r1", ..., "secp_521r1"? Regards, /Niels -- Niels Möller. PGP-encrypted email is preferred. Keyid 368C6677. Internet email is subject to wholesale government surveillance. ___ nettle-bugs mailing list nettle-bugs@lists.lysator.liu.se http://lists.lysator.liu.se/mailman/listinfo/nettle-bugs
Re: Fix UBSAN issue
On Mittwoch, 8. November 2017 12:44:28 CET Niels Möller wrote: > Tim Rühsen writes: > > And of course you might be right and this is a bug in the sanitizer. > > I leave that discussion to the experts and open a bug at oss-fuzz as soon > > as I find the time. > > Ok. Please add me to cc me on any related bugs, my personal address if > that works, otherwise my work address ni...@google.com. Just opened an issue on Github. So i put a link here, if someone else is interested. https://github.com/google/oss-fuzz/issues/971 With Best Regards, Tim signature.asc Description: This is a digitally signed message part. ___ nettle-bugs mailing list nettle-bugs@lists.lysator.liu.se http://lists.lysator.liu.se/mailman/listinfo/nettle-bugs
Re: Release plan?
Nikos Mavrogiannopoulos writes: > I suggest including the attached patches to the CI. The first makes > sure that random errors due to installation of fedora packages don't > get in the way by using the pre-build images used in gnutls. The second > it includes gnutls build in the CI to detect breakages early. Applied. I'd expect the gnutls build to fail at the moment, problem not yet fixed. Regards, /Niels -- Niels Möller. PGP-encrypted email is preferred. Keyid 368C6677. Internet email is subject to wholesale government surveillance. ___ nettle-bugs mailing list nettle-bugs@lists.lysator.liu.se http://lists.lysator.liu.se/mailman/listinfo/nettle-bugs
Re: Fix UBSAN issue
Tim Rühsen writes: > And of course you might be right and this is a bug in the sanitizer. > I leave that discussion to the experts and open a bug at oss-fuzz as soon as > I > find the time. Ok. Please add me to cc me on any related bugs, my personal address if that works, otherwise my work address ni...@google.com. Regards, /Niels -- Niels Möller. PGP-encrypted email is preferred. Keyid 368C6677. Internet email is subject to wholesale government surveillance. ___ nettle-bugs mailing list nettle-bugs@lists.lysator.liu.se http://lists.lysator.liu.se/mailman/listinfo/nettle-bugs
Re: Fix UBSAN issue
On Sonntag, 5. November 2017 23:20:27 CET Niels Möller wrote: > Tim Rühsen writes: > > Nothing with a real impact, just to silence sanitizers. > > Can you explain precisely what's undefined behavior in this code ? > > > diff --git a/sec-tabselect.c b/sec-tabselect.c > > index e6bf2282..942c4247 100644 > > --- a/sec-tabselect.c > > +++ b/sec-tabselect.c > > @@ -55,7 +55,7 @@ sec_tabselect (mp_limb_t *rp, mp_size_t rn, > > > >mpn_zero (rp, rn); > >for (p = table; p < end; p += rn, k--) > > > > { > > > > - mp_limb_t mask = - (mp_limb_t) (k == 0); > > As far as I understand, this should be perfectly portable C. > > (k == 0) evaluates to zero or one, with int type. > > This always fits in an mp_limb_t, hence > > (mp_limb_t) (k == 0) evaluates to zero or one, with mp_limb_t type. > > And since mp_limb_t is an *unsigned* type, arithmetic is always well > defined as being performed modulo (ULONG_MAX + 1), including unary > negation. So > > -(mp_limb_t) (k == 0) evaluates to zero or ULONG_MAX. > > (Assuming mp_limb_t is unsigned long, which it is an almost anything > except 64-bit windows, where it's instead unsigned long long). > > But I may be missing something? These corners of the C language are a > bit subtle. > > > + mp_limb_t mask = (mp_limb_t) -(k == 0); > > If the other way isn't broken, I'd prefer to change it like this. > Because then one also has to think about why it produces the intended > sign extension (which it does; it's not the same as (mp_limb_t) > (unsigned) -(k == 0)). > > In general, both nettle and GMP depend on well-defined modulo arithmetic > on unsigned types in *lots* of places. Any sanitizer which complains > about that is pretty useless for this code. If your sanitizer complains > by default, please use some option to disable that. And if there's no > such option, please bug report the sanitizer tool. Thanks for taking such a detailed look ! Well, this is not really "my" sanitizer, it's "the" sanitizer (llvm/clang) used by Google's OSS-Fuzz. (gcc eventually implements clang's sanitizer features but is very behind). And of course you might be right and this is a bug in the sanitizer. I leave that discussion to the experts and open a bug at oss-fuzz as soon as I find the time. With Best Regards, Tim signature.asc Description: This is a digitally signed message part. ___ nettle-bugs mailing list nettle-bugs@lists.lysator.liu.se http://lists.lysator.liu.se/mailman/listinfo/nettle-bugs