mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-04-23 02:42:40 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Update comment, and replace bit-twiddling with #error

Browse Source 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
This commit is contained in:
Dave Rodgman 2023-09-12 09:29:33 +01:00
parent 70e022b024
commit 98926d5fb1
1 changed files with 8 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
library/constant_time.c
View File

@ -121,10 +121,14 @@ int mbedtls_ct_memcmp(const void *a,
diff |= x ^ y; diff |= x ^ y;
} }
#if UINT_MAX < UINT32_MAX
/* In case the only bits set are in the top 16-bits, and would be lost #if (UINT_MAX < UINT32_MAX)
* by the conversion to 16-bit int (the smallest possible size for int). */ /* We don't support int smaller than 32-bits, but if someone tried to build
return (int) (diff | (diff >> 16)) * with this configuration, there is a risk that, for differing data, the
* only bits set in diff are in the top 16-bits, and would be lost by a
* simple cast from uint32 to int.
* This would have significant security implications, so protect against it. */
#error "mbedtls_ct_memcmp() requires minimum 32-bit ints"
#else #else
return (int) diff; return (int) diff;
#endif #endif