From 9522a0b7c16414fce2103cf58bfdd63aaf0cb01b Mon Sep 17 00:00:00 2001 From: Nat Goodspeed Date: Thu, 3 Nov 2022 14:58:32 -0400 Subject: DRTVWR-575: Fix llcommon assumptions that size_t fits in 4 bytes. It's a little distressing how often we have historically coded S32 or U32 to pass a length or index. There are more such assumptions in other viewer subdirectories, but this is a start. --- indra/llcommon/llmd5.cpp | 34 +++++++++++++++------------------- 1 file changed, 15 insertions(+), 19 deletions(-) (limited to 'indra/llcommon/llmd5.cpp') diff --git a/indra/llcommon/llmd5.cpp b/indra/llcommon/llmd5.cpp index f942a976b7..9b2a2bab60 100644 --- a/indra/llcommon/llmd5.cpp +++ b/indra/llcommon/llmd5.cpp @@ -96,10 +96,10 @@ LLMD5::LLMD5() // operation, processing another message block, and updating the // context. -void LLMD5::update (const uint1 *input, const uint4 input_length) { +void LLMD5::update (const uint1 *input, const size_t input_length) { - uint4 input_index, buffer_index; - uint4 buffer_space; // how much space is left in buffer + size_t input_index, buffer_index; + size_t buffer_space; // how much space is left in buffer if (finalized){ // so we can't update! std::cerr << "LLMD5::update: Can't update a finalized digest!" << std::endl; @@ -107,14 +107,10 @@ void LLMD5::update (const uint1 *input, const uint4 input_length) { } // Compute number of bytes mod 64 - buffer_index = (unsigned int)((count[0] >> 3) & 0x3F); + buffer_index = size_t((count >> 3) & 0x3F); // Update number of bits - if ( (count[0] += ((uint4) input_length << 3))<((uint4) input_length << 3) ) - count[1]++; - - count[1] += ((uint4)input_length >> 29); - + count += input_length << 3; buffer_space = 64 - buffer_index; // how much space is left in buffer @@ -192,7 +188,7 @@ void LLMD5::update(const std::string& s) void LLMD5::finalize (){ unsigned char bits[8]; /* Flawfinder: ignore */ - unsigned int index, padLen; + size_t index, padLen; static uint1 PADDING[64]={ 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, @@ -204,11 +200,12 @@ void LLMD5::finalize (){ return; } - // Save number of bits - encode (bits, count, 8); + // Save number of bits. + // Treat count, a uint64_t, as uint4[2]. + encode (bits, reinterpret_cast(&count), 8); // Pad out to 56 mod 64. - index = (uint4) ((count[0] >> 3) & 0x3f); + index = size_t((count >> 3) & 0x3f); padLen = (index < 56) ? (56 - index) : (120 - index); update (PADDING, padLen); @@ -340,8 +337,7 @@ void LLMD5::init(){ finalized=0; // we just started! // Nothing counted, so count=0 - count[0] = 0; - count[1] = 0; + count = 0; // Load magic initialization constants. state[0] = 0x67452301; @@ -508,9 +504,9 @@ void LLMD5::transform (const U8 block[64]){ // Encodes input (UINT4) into output (unsigned char). Assumes len is // a multiple of 4. -void LLMD5::encode (uint1 *output, const uint4 *input, const uint4 len) { +void LLMD5::encode (uint1 *output, const uint4 *input, const size_t len) { - unsigned int i, j; + size_t i, j; for (i = 0, j = 0; j < len; i++, j += 4) { output[j] = (uint1) (input[i] & 0xff); @@ -525,9 +521,9 @@ void LLMD5::encode (uint1 *output, const uint4 *input, const uint4 len) { // Decodes input (unsigned char) into output (UINT4). Assumes len is // a multiple of 4. -void LLMD5::decode (uint4 *output, const uint1 *input, const uint4 len){ +void LLMD5::decode (uint4 *output, const uint1 *input, const size_t len){ - unsigned int i, j; + size_t i, j; for (i = 0, j = 0; j < len; i++, j += 4) output[i] = ((uint4)input[j]) | (((uint4)input[j+1]) << 8) | -- cgit v1.3 From ba47aa4afff0cdcf08617b48660ef8505b9d43c0 Mon Sep 17 00:00:00 2001 From: Nat Goodspeed Date: Wed, 1 Mar 2023 14:11:27 -0500 Subject: SL-18330: Use C++ standard types for llmd5, not local typedefs. Not only do the local typedefs make the code less readable, they also rely on assumptions about the implementation. The standard types are guaranteed by the C++ library implementation. --- indra/llcommon/llmd5.cpp | 32 ++++++++++++++++---------------- indra/llcommon/llmd5.h | 23 ++++++++++------------- 2 files changed, 26 insertions(+), 29 deletions(-) (limited to 'indra/llcommon/llmd5.cpp') diff --git a/indra/llcommon/llmd5.cpp b/indra/llcommon/llmd5.cpp index 9b2a2bab60..0abe817f1d 100644 --- a/indra/llcommon/llmd5.cpp +++ b/indra/llcommon/llmd5.cpp @@ -96,7 +96,7 @@ LLMD5::LLMD5() // operation, processing another message block, and updating the // context. -void LLMD5::update (const uint1 *input, const size_t input_length) { +void LLMD5::update (const uint8_t *input, const size_t input_length) { size_t input_index, buffer_index; size_t buffer_space; // how much space is left in buffer @@ -189,7 +189,7 @@ void LLMD5::finalize (){ unsigned char bits[8]; /* Flawfinder: ignore */ size_t index, padLen; - static uint1 PADDING[64]={ + static uint8_t PADDING[64]={ 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 @@ -201,8 +201,8 @@ void LLMD5::finalize (){ } // Save number of bits. - // Treat count, a uint64_t, as uint4[2]. - encode (bits, reinterpret_cast(&count), 8); + // Treat count, a uint64_t, as uint32_t[2]. + encode (bits, reinterpret_cast(&count), 8); // Pad out to 56 mod 64. index = size_t((count >> 3) & 0x3f); @@ -412,7 +412,7 @@ Rotation is separate from addition to prevent recomputation. // LLMD5 basic transformation. Transforms state based on block. void LLMD5::transform (const U8 block[64]){ - uint4 a = state[0], b = state[1], c = state[2], d = state[3], x[16]; + uint32_t a = state[0], b = state[1], c = state[2], d = state[3], x[16]; decode (x, block, 64); @@ -496,38 +496,38 @@ void LLMD5::transform (const U8 block[64]){ state[3] += d; // Zeroize sensitive information. - memset ( (uint1 *) x, 0, sizeof(x)); + memset ( (uint8_t *) x, 0, sizeof(x)); } -// Encodes input (UINT4) into output (unsigned char). Assumes len is +// Encodes input (uint32_t) into output (unsigned char). Assumes len is // a multiple of 4. -void LLMD5::encode (uint1 *output, const uint4 *input, const size_t len) { +void LLMD5::encode (uint8_t *output, const uint32_t *input, const size_t len) { size_t i, j; for (i = 0, j = 0; j < len; i++, j += 4) { - output[j] = (uint1) (input[i] & 0xff); - output[j+1] = (uint1) ((input[i] >> 8) & 0xff); - output[j+2] = (uint1) ((input[i] >> 16) & 0xff); - output[j+3] = (uint1) ((input[i] >> 24) & 0xff); + output[j] = (uint8_t) (input[i] & 0xff); + output[j+1] = (uint8_t) ((input[i] >> 8) & 0xff); + output[j+2] = (uint8_t) ((input[i] >> 16) & 0xff); + output[j+3] = (uint8_t) ((input[i] >> 24) & 0xff); } } -// Decodes input (unsigned char) into output (UINT4). Assumes len is +// Decodes input (unsigned char) into output (uint32_t). Assumes len is // a multiple of 4. -void LLMD5::decode (uint4 *output, const uint1 *input, const size_t len){ +void LLMD5::decode (uint32_t *output, const uint8_t *input, const size_t len){ size_t i, j; for (i = 0, j = 0; j < len; i++, j += 4) - output[i] = ((uint4)input[j]) | (((uint4)input[j+1]) << 8) | - (((uint4)input[j+2]) << 16) | (((uint4)input[j+3]) << 24); + output[i] = ((uint32_t)input[j]) | (((uint32_t)input[j+1]) << 8) | + (((uint32_t)input[j+2]) << 16) | (((uint32_t)input[j+3]) << 24); } diff --git a/indra/llcommon/llmd5.h b/indra/llcommon/llmd5.h index 8530dc0389..7d6373c20c 100644 --- a/indra/llcommon/llmd5.h +++ b/indra/llcommon/llmd5.h @@ -67,6 +67,8 @@ documentation and/or software. */ +#include // uint32_t et al. + // use for the raw digest output const int MD5RAW_BYTES = 16; @@ -75,18 +77,13 @@ const int MD5HEX_STR_SIZE = 33; // char hex[MD5HEX_STR_SIZE]; with null const int MD5HEX_STR_BYTES = 32; // message system fixed size class LL_COMMON_API LLMD5 { -// first, some types: - typedef unsigned int uint4; // assumes integer is 4 words long - typedef unsigned short int uint2; // assumes short integer is 2 words long - typedef unsigned char uint1; // assumes char is 1 word long - // how many bytes to grab at a time when checking files static const int BLOCK_LEN; public: // methods for controlled operation: LLMD5 (); // simple initializer - void update (const uint1 *input, const size_t input_length); + void update (const uint8_t *input, const size_t input_length); void update (std::istream& stream); void update (FILE *file); void update (const std::string& str); @@ -109,19 +106,19 @@ private: // next, the private data: - uint4 state[4]; + uint32_t state[4]; uint64_t count; // number of *bits*, mod 2^64 - uint1 buffer[64]; // input buffer - uint1 digest[16]; - uint1 finalized; + uint8_t buffer[64]; // input buffer + uint8_t digest[16]; + uint8_t finalized; // last, the private methods, mostly static: void init (); // called by all constructors - void transform (const uint1 *buffer); // does the real update work. Note + void transform (const uint8_t *buffer); // does the real update work. Note // that length is implied to be 64. - static void encode (uint1 *dest, const uint4 *src, const size_t length); - static void decode (uint4 *dest, const uint1 *src, const size_t length); + static void encode (uint8_t *dest, const uint32_t *src, const size_t length); + static void decode (uint32_t *dest, const uint8_t *src, const size_t length); }; -- cgit v1.3