Re: Fix boundary issue in chacha code

2016-10-08 Thread Otto Moerbeek
On Fri, Oct 07, 2016 at 03:06:28PM -0500, Brent Cook wrote:

> 
> > On Oct 7, 2016, at 2:52 PM, Otto Moerbeek  wrote:
> > 
> > On Fri, Oct 07, 2016 at 02:33:13PM -0500, Brent Cook wrote:
> > 
> >> 
> >>> On Oct 7, 2016, at 12:18 PM, Ted Unangst  wrote:
> >>> 
> >>> Kinichiro Inoguchi wrote:
> >>>> I think this 16 bytes string assignment has boundary issue.
> >>>> 
> >>>>   static const char sigma[16] = "expand 32-byte k";
> >>>> 
> >>>> I found this when I tried to build libressl-portable with MSVC on 
> >>>> Windows.
> >>> 
> >>> another broken compiler? the above line is perfectly valid C.
> >>> 
> >> 
> >> Technically, that's a 17-byte string being assigned to a 16-byte character 
> >> array, including the NULL. I believe there is a way to get GCC to warn 
> >> about this as well.
> > 
> > Nah, there is a special rule that says you can init an x byte array
> > with a x length string. The 0 byte is discarded in that case.
> > 
> > See section 6.7.8 Example 8 of the C99 standard.
> > 
> > -Otto
> 
> Ah, that probably explains it. MSVC isn't strictly a C99 compiler.

This exception is also in K&R 2nd ed. So C89 has it as well. I seem to
remember it was already like that when I learned C in 1984.

-Otto

> 
> > 
> >> 
> >> This is a simpler change:
> >> 
> >> diff --git a/src/lib/libc/crypt/chacha_private.h 
> >> b/src/lib/libc/crypt/chacha_private.h
> >> index b720d93..a08509c 100644
> >> --- a/src/lib/libc/crypt/chacha_private.h
> >> +++ b/src/lib/libc/crypt/chacha_private.h
> >> @@ -48,8 +48,8 @@ typedef struct
> >>   a = PLUS(a,b); d = ROTATE(XOR(d,a), 8); \
> >>   c = PLUS(c,d); b = ROTATE(XOR(b,c), 7);
> >> 
> >> -static const char sigma[16] = "expand 32-byte k";
> >> -static const char tau[16] = "expand 16-byte k";
> >> +static const char sigma[] = "expand 32-byte k";
> >> +static const char tau[] = "expand 16-byte k";
> >> 
> >> static void
> >> chacha_keysetup(chacha_ctx *x,const u8 *k,u32 kbits,u32 ivbits)
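
Review bot: At the `+static const char sigma[] = ...` and `+static const char tau[] = ...` lines, dropping the explicit bound makes each object 17 bytes (the terminating NUL is now stored) instead of 16, and the declaration no longer documents that the constant is exactly 16 bytes. The hunk does not show how the arrays are read, so confirm that nothing depends on `sizeof sigma` or `sizeof tau`, and add a short comment saying the bound was removed for MSVC's benefit, since the original `[16]` form is valid C under the rule cited earlier in the thread.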



Re: Fix boundary issue in chacha code

2016-10-07 Thread Kinichiro Inoguchi
Sorry for my misunderstanding, and thanks for teaching me.

I had read C99 standard document.
http://www.open-std.org/jtc1/sc22/wg14/www/docs/n1124.pdf

On p.130 6.7.8 Initialization "32 EXAMPLE 8 The declaration" says,
-
char s[] = "abc", t[3] = "abc";

defines ‘‘plain’’ char array objects s and t whose elements are initialized 
with character string literals.
This declaration is identical to

char s[] = { 'a', 'b', 'c', '\0' },
t[] = { 'a', 'b', 'c' };
-

I did not know about this type of initialization.

Best regards,
Kinichiro
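
An added example (not part of the original thread and not LibreSSL code) applying the rule quoted above to the thread's `sigma` string: the `[16]` form stores no NUL, the `[]` form stores 17 bytes, and a reader that takes exactly four little-endian 32-bit words never needs the terminator. The names `sigma_fixed`, `sigma_open`, `bounded_len` and `load32_le` are assumptions made for this illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Exactly 16 characters fit; the literal's terminating NUL is discarded. */
static const char sigma_fixed[16] = "expand 32-byte k";
/* Bound deduced from the literal: 16 characters plus the NUL, 17 bytes. */
static const char sigma_open[] = "expand 32-byte k";

size_t fixed_size(void) { return sizeof sigma_fixed; }
size_t open_size(void)  { return sizeof sigma_open; }

/* Both declarations carry the same 16 constant bytes. */
int same_constant_bytes(void)
{
    return memcmp(sigma_fixed, sigma_open, sizeof sigma_fixed) == 0;
}

/* Length that never reads past cap bytes. strlen() on sigma_fixed would
 * run off the end of the object because no NUL is stored in it. */
size_t bounded_len(const char *buf, size_t cap)
{
    const char *nul = memchr(buf, '\0', cap);
    return nul ? (size_t)(nul - buf) : cap;
}

size_t fixed_len(void) { return bounded_len(sigma_fixed, sizeof sigma_fixed); }
size_t open_len(void)  { return bounded_len(sigma_open, sizeof sigma_open); }

/* Hypothetical helper: read 4 bytes as a little-endian 32-bit word. */
uint32_t load32_le(const char *p)
{
    const unsigned char *u = (const unsigned char *)p;
    return (uint32_t)u[0] | (uint32_t)u[1] << 8 |
           (uint32_t)u[2] << 16 | (uint32_t)u[3] << 24;
}

/* Word i (0..3) of the 16-byte constant; byte 16 is never touched. */
uint32_t sigma_word(int i) { return load32_le(sigma_fixed + 4 * i); }

int main(void)
{
    printf("sizeof fixed=%zu open=%zu\n", fixed_size(), open_size());
    for (int i = 0; i < 4; i++)
        printf("word %d = 0x%08x\n", i, (unsigned)sigma_word(i));
    return same_constant_bytes() ? 0 : 1;
}
```

Because `sigma_fixed` is not NUL-terminated, it must only be passed to length-bounded routines such as `memcmp` or `memcpy`, never to `strlen` or `printf("%s")`.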



Re: Fix boundary issue in chacha code

2016-10-07 Thread Ted Unangst
Kinichiro Inoguchi wrote:
> I think this 16 bytes string assignment has boundary issue.
> 
> static const char sigma[16] = "expand 32-byte k";
> 
> I found this when I tried to build libressl-portable with MSVC on Windows.

another broken compiler? the above line is perfectly valid C.