krb5/SOURCES/Avoid-alignment-warnings-in-openssl-rc4.c.patch
2021-10-08 12:27:07 +00:00

64 lines
2.6 KiB
Diff

From e22f3e2439903aa05321ca339be6a12067b2c4db Mon Sep 17 00:00:00 2001
From: Robbie Harwood <rharwood@redhat.com>
Date: Mon, 6 May 2019 15:14:49 -0400
Subject: [PATCH] Avoid alignment warnings in openssl rc4.c
Add a comment to k5_arcfour_init_state() explaining how we stretch the
krb5_data cipher state contract. Use void * casts when interpreting
the data pointer to avoid alignment warnings.
[ghudson@mit.edu: moved and expanded comment; rewrote commit message]
(cherry picked from commit 1cd41d76c12fc1cea0a8bf0d6a40f34623c60d6d)
---
src/lib/crypto/openssl/enc_provider/rc4.c | 15 ++++++++++++---
1 file changed, 12 insertions(+), 3 deletions(-)
diff --git a/src/lib/crypto/openssl/enc_provider/rc4.c b/src/lib/crypto/openssl/enc_provider/rc4.c
index 7f3c086ed..a65d57b7a 100644
--- a/src/lib/crypto/openssl/enc_provider/rc4.c
+++ b/src/lib/crypto/openssl/enc_provider/rc4.c
@@ -57,7 +57,7 @@ struct arcfour_state {
/* In-place IOV crypto */
static krb5_error_code
-k5_arcfour_docrypt(krb5_key key,const krb5_data *state, krb5_crypto_iov *data,
+k5_arcfour_docrypt(krb5_key key, const krb5_data *state, krb5_crypto_iov *data,
size_t num_data)
{
size_t i;
@@ -66,7 +66,7 @@ k5_arcfour_docrypt(krb5_key key,const krb5_data *state, krb5_crypto_iov *data,
EVP_CIPHER_CTX *ctx = NULL;
struct arcfour_state *arcstate;
- arcstate = (state != NULL) ? (struct arcfour_state *) state->data : NULL;
+ arcstate = (state != NULL) ? (void *)state->data : NULL;
if (arcstate != NULL) {
ctx = arcstate->ctx;
if (arcstate->loopback != arcstate)
@@ -113,7 +113,7 @@ k5_arcfour_docrypt(krb5_key key,const krb5_data *state, krb5_crypto_iov *data,
static void
k5_arcfour_free_state(krb5_data *state)
{
- struct arcfour_state *arcstate = (struct arcfour_state *) state->data;
+ struct arcfour_state *arcstate = (void *)state->data;
EVP_CIPHER_CTX_free(arcstate->ctx);
free(arcstate);
@@ -125,6 +125,15 @@ k5_arcfour_init_state(const krb5_keyblock *key,
{
struct arcfour_state *arcstate;
+ /*
+ * The cipher state here is a saved pointer to a struct arcfour_state
+ * object, rather than a flat byte array as in most enc providers. The
+ * object includes a loopback pointer to detect if if the caller made a
+ * copy of the krb5_data value or otherwise assumed it was a simple byte
+ * array. When we cast the data pointer back, we need to go through void *
+ * to avoid increased alignment warnings.
+ */
+
/* Create a state structure with an uninitialized context. */
arcstate = calloc(1, sizeof(*arcstate));
if (arcstate == NULL)