From 0364c8a773e80a2a492d139fbd06e3d7cf2af098 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 5 Sep 2023 16:20:19 +0100 Subject: [PATCH 1/5] Introduce MBEDTLS_IGNORE_UNREACHABLE_BEGIN Signed-off-by: Dave Rodgman --- library/common.h | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/library/common.h b/library/common.h index 3c472c685..4e1b2fa2d 100644 --- a/library/common.h +++ b/library/common.h @@ -334,4 +334,23 @@ static inline void mbedtls_xor_no_simd(unsigned char *r, #define MBEDTLS_OPTIMIZE_FOR_PERFORMANCE #endif +/* Define macros that can be used to disable warnings about unreachable code. */ +#if defined(__clang__) + +#define MBEDTLS_PRAGMA(x) _Pragma(#x) + +#define MBEDTLS_IGNORE_UNREACHABLE_BEGIN \ + MBEDTLS_PRAGMA(clang diagnostic push) \ + MBEDTLS_PRAGMA(clang diagnostic ignored "-Wunreachable-code") + +#define MBEDTLS_IGNORE_UNREACHABLE_END \ + MBEDTLS_PRAGMA(clang diagnostic pop) + +#else + +#define MBEDTLS_IGNORE_UNREACHABLE_BEGIN +#define MBEDTLS_IGNORE_UNREACHABLE_END + +#endif + #endif /* MBEDTLS_LIBRARY_COMMON_H */ From cfa722324ca1618f03923b407a4ce683221cd277 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 5 Sep 2023 16:20:33 +0100 Subject: [PATCH 2/5] Fix warnings about unreachable code Signed-off-by: Dave Rodgman --- library/bignum_core.c | 2 ++ library/x509_crt.c | 4 ++-- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/library/bignum_core.c b/library/bignum_core.c index 48b640bdb..85dca5530 100644 --- a/library/bignum_core.c +++ b/library/bignum_core.c @@ -99,6 +99,7 @@ static mbedtls_mpi_uint mpi_bigendian_to_host(mbedtls_mpi_uint a) /* Nothing to do on bigendian systems. */ return a; } else { +MBEDTLS_IGNORE_UNREACHABLE_BEGIN switch (sizeof(mbedtls_mpi_uint)) { case 4: return (mbedtls_mpi_uint) MBEDTLS_BSWAP32((uint32_t) a); @@ -109,6 +110,7 @@ static mbedtls_mpi_uint mpi_bigendian_to_host(mbedtls_mpi_uint a) /* Fall back to C-based reordering if we don't know the byte order * or we couldn't use a compiler-specific builtin. */ return mpi_bigendian_to_host_c(a); +MBEDTLS_IGNORE_UNREACHABLE_END } } diff --git a/library/x509_crt.c b/library/x509_crt.c index 2cbced210..8d07694a2 100644 --- a/library/x509_crt.c +++ b/library/x509_crt.c @@ -2754,8 +2754,8 @@ static int x509_inet_pton_ipv6(const char *src, void *dst) p++; } if (num_digits != 0) { - addr[nonzero_groups++] = MBEDTLS_IS_BIG_ENDIAN ? group : - (group << 8) | (group >> 8); + MBEDTLS_PUT_UINT16_BE(group, addr, nonzero_groups); + nonzero_groups++; if (*p == '\0') { break; } else if (*p == '.') { From 7e1e7be8fcd67884b881aaa1760914566e8356a5 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 5 Sep 2023 18:12:33 +0100 Subject: [PATCH 3/5] Simplify fixes for unreachable code Signed-off-by: Dave Rodgman --- library/bignum_core.c | 35 +++++++---------------------------- library/common.h | 19 ------------------- 2 files changed, 7 insertions(+), 47 deletions(-) diff --git a/library/bignum_core.c b/library/bignum_core.c index 85dca5530..441151e66 100644 --- a/library/bignum_core.c +++ b/library/bignum_core.c @@ -77,40 +77,19 @@ size_t mbedtls_mpi_core_bitlen(const mbedtls_mpi_uint *A, size_t A_limbs) return 0; } -/* Convert a big-endian byte array aligned to the size of mbedtls_mpi_uint - * into the storage form used by mbedtls_mpi. */ -static mbedtls_mpi_uint mpi_bigendian_to_host_c(mbedtls_mpi_uint a) -{ - uint8_t i; - unsigned char *a_ptr; - mbedtls_mpi_uint tmp = 0; - - for (i = 0, a_ptr = (unsigned char *) &a; i < ciL; i++, a_ptr++) { - tmp <<= CHAR_BIT; - tmp |= (mbedtls_mpi_uint) *a_ptr; - } - - return tmp; -} - static mbedtls_mpi_uint mpi_bigendian_to_host(mbedtls_mpi_uint a) { if (MBEDTLS_IS_BIG_ENDIAN) { /* Nothing to do on bigendian systems. */ return a; } else { -MBEDTLS_IGNORE_UNREACHABLE_BEGIN - switch (sizeof(mbedtls_mpi_uint)) { - case 4: - return (mbedtls_mpi_uint) MBEDTLS_BSWAP32((uint32_t) a); - case 8: - return (mbedtls_mpi_uint) MBEDTLS_BSWAP64((uint64_t) a); - } - - /* Fall back to C-based reordering if we don't know the byte order - * or we couldn't use a compiler-specific builtin. */ - return mpi_bigendian_to_host_c(a); -MBEDTLS_IGNORE_UNREACHABLE_END +#if defined(MBEDTLS_HAVE_INT32) + return (mbedtls_mpi_uint) MBEDTLS_BSWAP32((uint32_t) a); +#elif defined(MBEDTLS_HAVE_INT64) + return (mbedtls_mpi_uint) MBEDTLS_BSWAP64((uint64_t) a); +#else +#error "This is one of several places that need to be adapted to support a new limb size" +#endif } } diff --git a/library/common.h b/library/common.h index 4e1b2fa2d..3c472c685 100644 --- a/library/common.h +++ b/library/common.h @@ -334,23 +334,4 @@ static inline void mbedtls_xor_no_simd(unsigned char *r, #define MBEDTLS_OPTIMIZE_FOR_PERFORMANCE #endif -/* Define macros that can be used to disable warnings about unreachable code. */ -#if defined(__clang__) - -#define MBEDTLS_PRAGMA(x) _Pragma(#x) - -#define MBEDTLS_IGNORE_UNREACHABLE_BEGIN \ - MBEDTLS_PRAGMA(clang diagnostic push) \ - MBEDTLS_PRAGMA(clang diagnostic ignored "-Wunreachable-code") - -#define MBEDTLS_IGNORE_UNREACHABLE_END \ - MBEDTLS_PRAGMA(clang diagnostic pop) - -#else - -#define MBEDTLS_IGNORE_UNREACHABLE_BEGIN -#define MBEDTLS_IGNORE_UNREACHABLE_END - -#endif - #endif /* MBEDTLS_LIBRARY_COMMON_H */ From b7b8c09c8106de777320c1e6ae790e2489052a95 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 5 Sep 2023 20:35:19 +0100 Subject: [PATCH 4/5] Update bignum_core.c Co-authored-by: Gilles Peskine Signed-off-by: Dave Rodgman --- library/bignum_core.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/library/bignum_core.c b/library/bignum_core.c index 441151e66..e719dcc69 100644 --- a/library/bignum_core.c +++ b/library/bignum_core.c @@ -84,9 +84,9 @@ static mbedtls_mpi_uint mpi_bigendian_to_host(mbedtls_mpi_uint a) return a; } else { #if defined(MBEDTLS_HAVE_INT32) - return (mbedtls_mpi_uint) MBEDTLS_BSWAP32((uint32_t) a); + return (mbedtls_mpi_uint) MBEDTLS_BSWAP32(a); #elif defined(MBEDTLS_HAVE_INT64) - return (mbedtls_mpi_uint) MBEDTLS_BSWAP64((uint64_t) a); + return (mbedtls_mpi_uint) MBEDTLS_BSWAP64(a); #else #error "This is one of several places that need to be adapted to support a new limb size" #endif From 85061b97b57f6bd70d90be58b4ba1c0548035aee Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 6 Sep 2023 08:41:05 +0100 Subject: [PATCH 5/5] Improve sanity checking of MBEDTLS_HAVE_INTxx Signed-off-by: Dave Rodgman --- include/mbedtls/bignum.h | 9 +++++++++ library/bignum_core.c | 2 -- 2 files changed, 9 insertions(+), 2 deletions(-) diff --git a/include/mbedtls/bignum.h b/include/mbedtls/bignum.h index 3ba177799..eb8446ea8 100644 --- a/include/mbedtls/bignum.h +++ b/include/mbedtls/bignum.h @@ -186,6 +186,15 @@ typedef uint64_t mbedtls_t_udbl; #endif /* !MBEDTLS_NO_UDBL_DIVISION */ #endif /* !MBEDTLS_HAVE_INT64 */ +/* + * Sanity check that exactly one of MBEDTLS_HAVE_INT32 or MBEDTLS_HAVE_INT64 is defined, + * so that code elsewhere doesn't have to check. + */ +#if (!(defined(MBEDTLS_HAVE_INT32) || defined(MBEDTLS_HAVE_INT64))) || \ + (defined(MBEDTLS_HAVE_INT32) && defined(MBEDTLS_HAVE_INT64)) +#error "Only 32-bit or 64-bit limbs are supported in bignum" +#endif + /** \typedef mbedtls_mpi_uint * \brief The type of machine digits in a bignum, called _limbs_. * diff --git a/library/bignum_core.c b/library/bignum_core.c index e719dcc69..dbf6d1df4 100644 --- a/library/bignum_core.c +++ b/library/bignum_core.c @@ -87,8 +87,6 @@ static mbedtls_mpi_uint mpi_bigendian_to_host(mbedtls_mpi_uint a) return (mbedtls_mpi_uint) MBEDTLS_BSWAP32(a); #elif defined(MBEDTLS_HAVE_INT64) return (mbedtls_mpi_uint) MBEDTLS_BSWAP64(a); -#else -#error "This is one of several places that need to be adapted to support a new limb size" #endif } }