Fix strict aliasing issue with the internal SHA-1 implementation

Need to define the workspace buffer properly to allow compiler to handle
strict aliasing between the incoming unsigned char[64] buffer as an u32
array. The previous version built with strict aliasing enabled can
result in SHA-1 producing incorrect results and consequently, with
4-way handshake failing.

This is based on a report and patch from Dan Williams <dcbw@redhat.com>
but with a different type (the union) used as a fix to avoid needing
extra type casting.

Discovered as part of the investigation of:

https://bugzilla.redhat.com/show_bug.cgi?id=494262#c32

if sha1 is built with gcc without turning off strict aliasing, it will
fail to correctly generate the hashes and will fail its own testcases as
well.

Signed-off-by: Dan Williams <dcbw@redhat.com>

diff --git a/src/crypto/sha1-internal.c b/src/crypto/sha1-internal.c
index 51e6121..3f05ca1 100644 (file)
--- a/src/crypto/sha1-internal.c
+++ b/src/crypto/sha1-internal.c
@@ -183,8 +183,8 @@ void SHA1Transform(u32 state[5], const unsigned char buffer[64])
        } CHAR64LONG16;
        CHAR64LONG16* block;
 #ifdef SHA1HANDSOFF
-       u32 workspace[16];
-       block = (CHAR64LONG16 *) workspace;
+       CHAR64LONG16 workspace;
+       block = &workspace;
        os_memcpy(block, buffer, 64);
 #else
        block = (CHAR64LONG16 *) buffer;