Merge remote-tracking branch 'upstream/master'

GNUmakefile

@@ -220,6 +220,9 @@ ifeq ($(findstring asan,$(MAKECMDGOALS)),asan)
 ifeq ($(findstring -fsanitize=address,$(CXXFLAGS)),)
 CXXFLAGS += -fsanitize=address
 endif # CXXFLAGS
+ifeq ($(findstring -fno-omit-frame-pointer,$(CXXFLAGS)),)
+CXXFLAGS += -fno-omit-frame-pointer
+endif # CXXFLAGS
 endif # Asan
 
 # LD gold linker testing. Triggered by 'LD=ld.gold'.

cryptest.sh

@@ -101,21 +101,15 @@ else
 fi
 
 # Set to 0 if you don't have Asan
-$CXX -x c++ -fsanitize=undefined adhoc.cpp.proto -c -o $TMP/adhoc > /dev/null 2>&1
+$CXX -x c++ -fsanitize=address adhoc.cpp.proto -c -o $TMP/adhoc > /dev/null 2>&1
 if [ "$?" -eq "0" ] && [ "$IS_X86" -ne "0" ]; then
 	HAVE_ASAN=1
 else
 	HAVE_ASAN=0
 fi
 
-# Fixup...
+# Fixups... Cygwin and MinGW both advertise sanitizer support, but the program fails to link.
-if [ "$IS_CYGWIN" -ne "0" ] || [ "$IS_MINGW" -ne "0" ]; then
+if [ "$HAVE_UBSAN" -eq "0" ] || [ "$HAVE_ASAN" -eq "0" ] || [ "$IS_CYGWIN" -ne "0" ] || [ "$IS_MINGW" -ne "0" ]; then
-	HAVE_UBAN=0
-	HAVE_ASAN=0
-fi
-
-# Final fixups for compilers like GCC on ARM64
-if [ "$HAVE_UBSAN" -eq "0" ] || [ "$HAVE_ASAN" -eq "0" ]; then
 	HAVE_UBAN=0
 	HAVE_ASAN=0
 fi

integer.cpp

@@ -59,7 +59,7 @@
 #endif
 
 // Debian QEMU/ARMEL issue in MultiplyTop; see http://github.com/weidai11/cryptopp/issues/31.
-#if __ARMEL__ && (CRYPTOPP_GCC_VERSION >= 50200) && (CRYPTOPP_GCC_VERSION < 50300) && __OPTIMIZE__
+#if __ARMEL__ && (CRYPTOPP_GCC_VERSION >= 40900) && (CRYPTOPP_GCC_VERSION < 70000) && __OPTIMIZE__
 # define WORKAROUND_ARMEL_BUG 1
 #endif
 

rng.cpp

@@ -59,25 +59,33 @@ void LC_RNG::GenerateBlock(byte *output, size_t size)
 #ifndef CRYPTOPP_IMPORTS
 
 X917RNG::X917RNG(BlockTransformation *c, const byte *seed, const byte *deterministicTimeVector)
-	: cipher(c),
+	: m_cipher(c),
-	  S(cipher->BlockSize()),
+	  m_size(m_cipher->BlockSize()),
-	  dtbuf(S),
+	  m_datetime(m_size),
-	  randseed(seed, S),
+	  m_randseed(seed, m_size),
-	  m_lastBlock(S),
+	  m_lastBlock(m_size),
-	  m_deterministicTimeVector(deterministicTimeVector, deterministicTimeVector ? S : 0)
+	  m_deterministicTimeVector(deterministicTimeVector, deterministicTimeVector ? m_size : 0)
 {
+	// Valgrind finding, http://github.com/weidai11/cryptopp/issues/105
+	// Garbage in the tail creates a non-conforming X9.17 or X9.31 generator.
+	if (m_size > 8)
+	{
+		memset(m_datetime, 0x00, m_size);
+		memset(m_lastBlock, 0x00, m_size);
+	}
+
 	if (!deterministicTimeVector)
 	{
 		time_t tstamp1 = time(0);
-		xorbuf(dtbuf, (byte *)&tstamp1, UnsignedMin(sizeof(tstamp1), S));
+		xorbuf(m_datetime, (byte *)&tstamp1, UnsignedMin(sizeof(tstamp1), m_size));
-		cipher->ProcessBlock(dtbuf);
+		m_cipher->ProcessBlock(m_datetime);
 		clock_t tstamp2 = clock();
-		xorbuf(dtbuf, (byte *)&tstamp2, UnsignedMin(sizeof(tstamp2), S));
+		xorbuf(m_datetime, (byte *)&tstamp2, UnsignedMin(sizeof(tstamp2), m_size));
-		cipher->ProcessBlock(dtbuf);
+		m_cipher->ProcessBlock(m_datetime);
 	}
 
 	// for FIPS 140-2
-	GenerateBlock(m_lastBlock, S);
+	GenerateBlock(m_lastBlock, m_size);
 }
 
 void X917RNG::GenerateIntoBufferedTransformation(BufferedTransformation &target, const std::string &channel, lword size)
@@ -87,35 +95,35 @@ void X917RNG::GenerateIntoBufferedTransformation(BufferedTransformation &target,
 		// calculate new enciphered timestamp
 		if (m_deterministicTimeVector.size())
 		{
-			cipher->ProcessBlock(m_deterministicTimeVector, dtbuf);
+			m_cipher->ProcessBlock(m_deterministicTimeVector, m_datetime);
-			IncrementCounterByOne(m_deterministicTimeVector, S);
+			IncrementCounterByOne(m_deterministicTimeVector, m_size);
 		}
 		else
 		{
 			clock_t c = clock();
-			xorbuf(dtbuf, (byte *)&c, UnsignedMin(sizeof(c), S));
+			xorbuf(m_datetime, (byte *)&c, UnsignedMin(sizeof(c), m_size));
 			time_t t = time(NULL);
-			xorbuf(dtbuf+S-UnsignedMin(sizeof(t), S), (byte *)&t, UnsignedMin(sizeof(t), S));
+			xorbuf(m_datetime+m_size-UnsignedMin(sizeof(t), m_size), (byte *)&t, UnsignedMin(sizeof(t), m_size));
-			cipher->ProcessBlock(dtbuf);
+			m_cipher->ProcessBlock(m_datetime);
 		}
 
 		// combine enciphered timestamp with seed
-		xorbuf(randseed, dtbuf, S);
+		xorbuf(m_randseed, m_datetime, m_size);
 
 		// generate a new block of random bytes
-		cipher->ProcessBlock(randseed);
+		m_cipher->ProcessBlock(m_randseed);
-		if (memcmp(m_lastBlock, randseed, S) == 0)
+		if (memcmp(m_lastBlock, m_randseed, m_size) == 0)
 			throw SelfTestFailure("X917RNG: Continuous random number generator test failed.");
 
 		// output random bytes
-		size_t len = UnsignedMin(S, size);
+		size_t len = UnsignedMin(m_size, size);
-		target.ChannelPut(channel, randseed, len);
+		target.ChannelPut(channel, m_randseed, len);
 		size -= len;
 
 		// compute new seed vector
-		memcpy(m_lastBlock, randseed, S);
+		memcpy(m_lastBlock, m_randseed, m_size);
-		xorbuf(randseed, dtbuf, S);
+		xorbuf(m_randseed, m_datetime, m_size);
-		cipher->ProcessBlock(randseed);
+		m_cipher->ProcessBlock(m_randseed);
 	}
 }
 

rng.h

@@ -69,10 +69,10 @@ public:
 	void GenerateIntoBufferedTransformation(BufferedTransformation &target, const std::string &channel, lword size);
 
 private:
-	member_ptr<BlockTransformation> cipher;
+	member_ptr<BlockTransformation> m_cipher;
-	const unsigned int S;	// blocksize of cipher
+	const unsigned int m_size;  // S, blocksize of cipher
-	SecByteBlock dtbuf; 	// buffer for enciphered timestamp
+	SecByteBlock m_datetime;    // DT, buffer for enciphered timestamp
-	SecByteBlock randseed, m_lastBlock, m_deterministicTimeVector;
+	SecByteBlock m_randseed, m_lastBlock, m_deterministicTimeVector;
 };
 
 //! \class MaurerRandomnessTest

validat2.cpp

@@ -591,7 +591,7 @@ bool TestPolynomialMod2()
 	
 	for (unsigned int i=start; i < stop; i++)
 	{
-		const word w(SIZE_MAX);
+		const word w((word)SIZE_MAX);
 
 		PolynomialMod2 p(w);
 		p <<= i;