CVSROOT:        /cvs
Module name:    src
Changes by:     kenj...@cvs.openbsd.org 2025/07/16 18:55:48

Modified files:
        lib/libcrypto/curve25519: curve25519.c 

Log message:
avoid undefined behavior when shifting into sign bit

Shifting a signed int64_t into the sign bit is undefined behavior in C.

/dev/portable/crypto/curve25519/curve25519.c:3900:18: runtime error:
left shift of negative value -222076011
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior /dev/portable

To avoid this, import int64_lshift21() from BoringSSL, a helper function
that casts the input to uint64_t before shifting and back to int64_t afterward.
This ensures defined behavior when shifting left by 21 bits, avoiding
undefined behavior in expressions like `carry << 21`.

This change addresses potential runtime issues detected by sanitizers
when shifting signed values with high bits set.

ok tb beck
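
The following is an added sketch of the technique the log message describes, not the committed code: int64_lshift21() is written from the description above (cast to uint64_t, shift, cast back), and carry21() with its struct is a hypothetical helper showing the kind of `carry << 21` step where a negative carry appears. It assumes a two's-complement target with arithmetic right shift on signed values.

```c
#include <stdint.h>
#include <stdio.h>

/* Shift in the unsigned domain, where << is defined for every input,
 * then convert back. The conversion back to int64_t is
 * implementation-defined rather than undefined, and yields the
 * expected value on two's-complement targets (assumption). */
static inline int64_t int64_lshift21(int64_t a)
{
    return (int64_t)((uint64_t)a << 21);
}

/* Hypothetical illustration: two adjacent 21-bit limbs. */
struct limbs { int64_t lo, hi; };

/* Balanced carry: move the part of lo above 21 bits into hi so that
 * lo ends up in [-2^20, 2^20). The carry can be negative, which is
 * exactly the case UBSan flagged for a plain `carry << 21`.
 * Assumes lo is small enough that lo + 2^20 does not overflow. */
static struct limbs carry21(int64_t lo, int64_t hi)
{
    struct limbs r;
    int64_t carry = (lo + (1 << 20)) >> 21; /* arithmetic shift assumed */

    r.hi = hi + carry;
    r.lo = lo - int64_lshift21(carry);      /* defined for carry < 0 */
    return r;
}

int main(void)
{
    /* Constructed input: a low limb whose carry is the negative value
     * quoted in the sanitizer report, plus a remainder of 5. */
    int64_t lo = -222076011LL * 2097152LL + 5;
    struct limbs r = carry21(lo, 0);

    printf("carry into hi = %lld, reduced lo = %lld\n",
        (long long)r.hi, (long long)r.lo);
    return 0;
}
```

Building this with -fsanitize=undefined and replacing the helper call with `carry << 21` reproduces the class of report shown in the log message; with the helper, the sanitizer stays silent.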
