diff options
author | Peter Wu <peter@lekensteyn.nl> | 2016-03-24 00:04:53 +0100 |
---|---|---|
committer | Peter Wu <peter@lekensteyn.nl> | 2016-03-24 13:35:34 +0100 |
commit | 49ec33eb18d7c86e3cf2ce56ffef7aaf60de8c0d (patch) | |
tree | fc1c060ccf91f08aeacd2b4ead5ce22ca377dcfd /doc/gcrypt.texi | |
parent | 3269496e11eb08a4847d8c11f4a6a8b421cf5ad6 (diff) | |
download | libgcrypt-sanitizer-fixes.tar.gz |
Disallow XOF algorithms for gcry_md_hash_bufferssanitizer-fixes
* cipher/md.c (_gcry_md_hash_buffer): Skip calculation for XOFs.
(_gcry_md_hash_buffers): Fail when XOFs are selected.
* doc/gcrypt.texi: Explicitly document above behavior for XOFs.
* tests/benchmark.c: Skip benchmarking hash functions without a fixed
output length.
--
Caught by UndefinedBehaviorSanitizer while running tests/benchmarks
where gcry_md_hash_buffer(GCRY_MD_SHAKE128) would result in
memcpy(digest, NULL, 0).
Signed-off-by: Peter Wu <peter@lekensteyn.nl>
Diffstat (limited to 'doc/gcrypt.texi')
-rw-r--r-- | doc/gcrypt.texi | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/doc/gcrypt.texi b/doc/gcrypt.texi index 3265a706..9481be9e 100644 --- a/doc/gcrypt.texi +++ b/doc/gcrypt.texi @@ -3378,6 +3378,7 @@ described by @var{iov} and @var{iovcnt}. @var{digest} must be allocated by the caller, large enough to hold the message digest yielded by the the specified algorithm @var{algo}. This required size may be obtained by using the function @code{gcry_md_get_algo_dlen}. +This function cannot be used for extendable-output functions. @var{iov} is an array of buffer descriptions with @var{iovcnt} items. The caller should zero out the structures in this array and for each @@ -3402,7 +3403,8 @@ immediately returns the message digest of the @var{length} bytes at @var{buffer}. @var{digest} must be allocated by the caller, large enough to hold the message digest yielded by the the specified algorithm @var{algo}. This required size may be obtained by using the function -@code{gcry_md_get_algo_dlen}. +@code{gcry_md_get_algo_dlen}. This function has no effect for +extendable-output functions. Note that in contrast to @code{gcry_md_hash_buffers} this function will abort the process if an unavailable algorithm is used. |