crypto routines: Hint minimum buffer sizes to the compiler

Use the C99 'static' keyword to hint to the compiler IVs and output digest sizes. The keyword informs the compiler of the minimum valid size for a given array. Obviously not every pointer can be validated (i.e., the compiler can produce false negative but not false positive reports). No functional change. No ABI change. Sponsored by: EMC / Isilon Storage Division
author: cem <cem@FreeBSD.org> 2016-05-26 19:29:29 +0000
committer: cem <cem@FreeBSD.org> 2016-05-26 19:29:29 +0000
commit: 444253bba579f26af746a0fbf42b89b8f44298a0 (patch)
tree: a3f8dd317ab9b8bf2071cc3dc88766e3294342a7 /sys/crypto/sha2
parent: 6aac4cff86e423c72bc1e352d3435843185b5977 (diff)
download: FreeBSD-src-444253bba579f26af746a0fbf42b89b8f44298a0.zip
FreeBSD-src-444253bba579f26af746a0fbf42b89b8f44298a0.tar.gz
5 files changed, 10 insertions, 10 deletions
diff --git a/sys/crypto/sha2/sha256.h b/sys/crypto/sha2/sha256.h
index 528af1e..17aae7d 100644
--- a/sys/crypto/sha2/sha256.h
+++ b/sys/crypto/sha2/sha256.h
@@ -78,7 +78,7 @@ __BEGIN_DECLS
 
 void	SHA256_Init(SHA256_CTX *);
 void	SHA256_Update(SHA256_CTX *, const void *, size_t);
-void	SHA256_Final(unsigned char [SHA256_DIGEST_LENGTH], SHA256_CTX *);
+void	SHA256_Final(unsigned char [static SHA256_DIGEST_LENGTH], SHA256_CTX *);
 #ifndef _KERNEL
 char   *SHA256_End(SHA256_CTX *, char *);
 char   *SHA256_Data(const void *, unsigned int, char *);
diff --git a/sys/crypto/sha2/sha256c.c b/sys/crypto/sha2/sha256c.c
index da9b02c..79ed61d 100644
--- a/sys/crypto/sha2/sha256c.c
+++ b/sys/crypto/sha2/sha256c.c
@@ -287,17 +287,17 @@ SHA256_Update(SHA256_CTX * ctx, const void *in, size_t len)
  * and clears the context state.
  */
 void
-SHA256_Final(unsigned char digest[32], SHA256_CTX * ctx)
+SHA256_Final(unsigned char digest[static SHA256_DIGEST_LENGTH], SHA256_CTX *ctx)
 {
 
 	/* Add padding */
 	SHA256_Pad(ctx);
 
 	/* Write the hash */
-	be32enc_vect(digest, ctx->state, 32);
+	be32enc_vect(digest, ctx->state, SHA256_DIGEST_LENGTH);
 
 	/* Clear the context state */
-	memset((void *)ctx, 0, sizeof(*ctx));
+	memset(ctx, 0, sizeof(*ctx));
 }
 
 #ifdef WEAK_REFS
diff --git a/sys/crypto/sha2/sha384.h b/sys/crypto/sha2/sha384.h
index ae63ba9..63dd948 100644
--- a/sys/crypto/sha2/sha384.h
+++ b/sys/crypto/sha2/sha384.h
@@ -74,7 +74,7 @@ __BEGIN_DECLS
 
 void	SHA384_Init(SHA384_CTX *);
 void	SHA384_Update(SHA384_CTX *, const void *, size_t);
-void	SHA384_Final(unsigned char [SHA384_DIGEST_LENGTH], SHA384_CTX *);
+void	SHA384_Final(unsigned char [static SHA384_DIGEST_LENGTH], SHA384_CTX *);
 #ifndef _KERNEL
 char   *SHA384_End(SHA384_CTX *, char *);
 char   *SHA384_Data(const void *, unsigned int, char *);
diff --git a/sys/crypto/sha2/sha512.h b/sys/crypto/sha2/sha512.h
index da0a018..b008aea 100644
--- a/sys/crypto/sha2/sha512.h
+++ b/sys/crypto/sha2/sha512.h
@@ -77,7 +77,7 @@ __BEGIN_DECLS
 
 void	SHA512_Init(SHA512_CTX *);
 void	SHA512_Update(SHA512_CTX *, const void *, size_t);
-void	SHA512_Final(unsigned char [SHA512_DIGEST_LENGTH], SHA512_CTX *);
+void	SHA512_Final(unsigned char [static SHA512_DIGEST_LENGTH], SHA512_CTX *);
 #ifndef _KERNEL
 char   *SHA512_End(SHA512_CTX *, char *);
 char   *SHA512_Data(const void *, unsigned int, char *);
diff --git a/sys/crypto/sha2/sha512c.c b/sys/crypto/sha2/sha512c.c
index 42ad058..5c107ea 100644
--- a/sys/crypto/sha2/sha512c.c
+++ b/sys/crypto/sha2/sha512c.c
@@ -311,7 +311,7 @@ SHA512_Update(SHA512_CTX * ctx, const void *in, size_t len)
  * and clears the context state.
  */
 void
-SHA512_Final(unsigned char digest[SHA512_DIGEST_LENGTH], SHA512_CTX * ctx)
+SHA512_Final(unsigned char digest[static SHA512_DIGEST_LENGTH], SHA512_CTX *ctx)
 {
 
 	/* Add padding */
@@ -321,7 +321,7 @@ SHA512_Final(unsigned char digest[SHA512_DIGEST_LENGTH], SHA512_CTX * ctx)
 	be64enc_vect(digest, ctx->state, SHA512_DIGEST_LENGTH);
 
 	/* Clear the context state */
-	memset((void *)ctx, 0, sizeof(*ctx));
+	memset(ctx, 0, sizeof(*ctx));
 }
 
 /*** SHA-384: *********************************************************/
@@ -361,7 +361,7 @@ SHA384_Update(SHA384_CTX * ctx, const void *in, size_t len)
  * and clears the context state.
  */
 void
-SHA384_Final(unsigned char digest[SHA384_DIGEST_LENGTH], SHA384_CTX * ctx)
+SHA384_Final(unsigned char digest[static SHA384_DIGEST_LENGTH], SHA384_CTX *ctx)
 {
 
 	/* Add padding */
@@ -371,7 +371,7 @@ SHA384_Final(unsigned char digest[SHA384_DIGEST_LENGTH], SHA384_CTX * ctx)
 	be64enc_vect(digest, ctx->state, SHA384_DIGEST_LENGTH);
 
 	/* Clear the context state */
-	memset((void *)ctx, 0, sizeof(*ctx));
+	memset(ctx, 0, sizeof(*ctx));
 }
 
 #ifdef WEAK_REFS
author	cem <cem@FreeBSD.org>	2016-05-26 19:29:29 +0000
committer	cem <cem@FreeBSD.org>	2016-05-26 19:29:29 +0000
commit	444253bba579f26af746a0fbf42b89b8f44298a0 (patch)
tree	a3f8dd317ab9b8bf2071cc3dc88766e3294342a7 /sys/crypto/sha2
parent	6aac4cff86e423c72bc1e352d3435843185b5977 (diff)
download	FreeBSD-src-444253bba579f26af746a0fbf42b89b8f44298a0.zip FreeBSD-src-444253bba579f26af746a0fbf42b89b8f44298a0.tar.gz