Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

src of unsigned_read should be const #581

Open
mabuchner opened this issue Dec 29, 2021 · 1 comment
Open

src of unsigned_read should be const #581

mabuchner opened this issue Dec 29, 2021 · 1 comment

Comments

@mabuchner
Copy link

The ltc_math_descriptor.unsigned_read function pointer has a non-const src pointer argument, which the function is not supposed to modify

libtomcrypt/src/headers/tomcrypt_math.h

Line 179 in 673f5ce

unsigned char *src,

This is error prone as one might accidentally swap dst and src.

The src pointer should get marked as const.

int (*unsigned_read)(void *dst,
                     const unsigned char *src,
                     unsigned long  len);
@mabuchner
Copy link
Author

In various places libtomcrypt tries to use a constant src, but it then has to cast away the constness in order to call the unsigned_read function. E.g. see this

libtomcrypt/src/pk/ecc/ecc_verify_hash.c

Line 78 in 673f5ce

if ((err = mp_read_unsigned_bin(r, (unsigned char *)sig, i)) != CRYPT_OK) { goto error; }

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@mabuchner