From: Jouni Malinen Date: Sat, 21 Nov 2009 18:17:24 +0000 (+0200) Subject: Fix strict aliasing issue with the internal SHA-1 implementation X-Git-Tag: hostap_0_7_0~8 X-Git-Url: http://www.project-moonshot.org/gitweb/?p=libeap.git;a=commitdiff_plain;h=6d798e8b7e748935e10262566dc9b6ff02ac7d31 Fix strict aliasing issue with the internal SHA-1 implementation Need to define the workspace buffer properly to allow compiler to handle strict aliasing between the incoming unsigned char[64] buffer as an u32 array. The previous version built with strict aliasing enabled can result in SHA-1 producing incorrect results and consequently, with 4-way handshake failing. This is based on a report and patch from Dan Williams but with a different type (the union) used as a fix to avoid needing extra type casting. Discovered as part of the investigation of: https://bugzilla.redhat.com/show_bug.cgi?id=494262#c32 if sha1 is built with gcc without turning off strict aliasing, it will fail to correctly generate the hashes and will fail its own testcases as well. Signed-off-by: Dan Williams --- diff --git a/src/crypto/sha1-internal.c b/src/crypto/sha1-internal.c index 51e6121..3f05ca1 100644 --- a/src/crypto/sha1-internal.c +++ b/src/crypto/sha1-internal.c @@ -183,8 +183,8 @@ void SHA1Transform(u32 state[5], const unsigned char buffer[64]) } CHAR64LONG16; CHAR64LONG16* block; #ifdef SHA1HANDSOFF - u32 workspace[16]; - block = (CHAR64LONG16 *) workspace; + CHAR64LONG16 workspace; + block = &workspace; os_memcpy(block, buffer, 64); #else block = (CHAR64LONG16 *) buffer;