diff options
| author | Björn Esser <besser82@fedoraproject.org> | 2019-09-07 11:05:36 +0200 |
|---|---|---|
| committer | Björn Esser <besser82@fedoraproject.org> | 2019-09-07 11:05:36 +0200 |
| commit | 26a4db24c361c28e4b33ddaeb992498822952e33 (patch) | |
| tree | 30194afca9e55ec4ebfcc71b18e1a1f9c3d2d660 /lib | |
| parent | e9a11b754a996995bf6b0b99a3dc854bf6e473bf (diff) | |
| download | libxcrypt-26a4db24c361c28e4b33ddaeb992498822952e33.tar.gz libxcrypt-26a4db24c361c28e4b33ddaeb992498822952e33.tar.bz2 libxcrypt-26a4db24c361c28e4b33ddaeb992498822952e33.zip | |
alg-sha256: Fix false positive finding from CovScan. (Fixes #93)
The loop runs exactly three times and the code in question will only be
executed during the first two iterations, which are i = 16 and i = 32.
CovScan thinks the loop runs four times and code is executed during
three iterations, which are i = 16, i = 32, and i = 64.
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/alg-sha256.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/lib/alg-sha256.c b/lib/alg-sha256.c index 2f8e352..931bb33 100644 --- a/lib/alg-sha256.c +++ b/lib/alg-sha256.c @@ -145,7 +145,7 @@ SHA256_Transform(uint32_t state[static restrict 8], memcpy(S, state, 32); /* 3. Mix. */ - for (i = 0; i < 64; i += 16) { + for (i = 0; i <= 48; i += 16) { RNDr(S, W, 0, i); RNDr(S, W, 1, i); RNDr(S, W, 2, i); @@ -165,6 +165,7 @@ SHA256_Transform(uint32_t state[static restrict 8], if (i == 48) break; + MSCH(W, 0, i); MSCH(W, 1, i); MSCH(W, 2, i); |