Use unsigned comparisons. Prior to this commit, SHA1_Update and

RIPEMD160_Update were broken when all of the following conditions
applied:
(1) The platform is i386.
(2) The program calling *_Update is statically linked to libmd.
(3) The buffer provided to *_Update is aligned modulo 4 bytes.
(4) The buffer extends beyond 2GB.

Due to the design of this code, SHA1_Update and RIPEMD160_Update will
still be broken if conditions (1)-(3) apply AND the buffer extends
beyond 4GB (i.e., there is an integer overflow in computing "data + len").
Since this remaining bug simply replaces SIGSEGV with a bogus hash (and
non-broken programs should never provide such operands) I don't consider
it to be a serious problem.

MFC After:      1 week
PR:             kern/102795

2 files changed, 4 insertions, 2 deletions

diff --git a/lib/libmd/i386/rmd160.S b/lib/libmd/i386/rmd160.S
index 97193e9..7ccfb22 100644
--- a/lib/libmd/i386/rmd160.S
+++ b/lib/libmd/i386/rmd160.S
@@ -1,3 +1,4 @@
+/* $FreeBSD$ */
 /* Run the C pre-processor over this file with one of the following defined
  * ELF - elf object files,
  * OUT - a.out object files,
@@ -2005,7 +2006,7 @@ ripemd160_block_x86:
 	movl	112(%esp),	%esi
 	cmpl	%esi,		%edi
 	movl	108(%esp),	%edi
-	jge	.L000start
+	jae	.L000start
 	addl	$88,		%esp
 	popl	%ebx
 	popl	%ebp
diff --git a/lib/libmd/i386/sha.S b/lib/libmd/i386/sha.S
index ae8f89e..1e5201f 100644
--- a/lib/libmd/i386/sha.S
+++ b/lib/libmd/i386/sha.S
@@ -1,3 +1,4 @@
+/* $FreeBSD$ */
 /* -*- Fundamental -*- Emacs' assembler mode hoses this file */
 #ifndef PIC
 /* Run the C pre-processor over this file with one of the following defined
@@ -1935,7 +1936,7 @@ sha1_block_x86:
 	movl	%edi,		16(%ebp)
 	cmpl	%esi,		%eax
 	movl	%ebx,		4(%ebp)
-	jl	.L001end
+	jb	.L001end
 	movl	(%esi),		%eax
 	jmp	.L000start
 .L001end: