From a63ba6cd9313457ad4f2890b94abe7a0652e9ec4 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 13 Sep 2021 09:36:28 +0200 Subject: [PATCH] psa_cipher_update_ecb: remove parameter output_size This parameter was set but not used, which was pointless. Clang 14 detects this and legitimately complains. Remove the parameter. This is an internal function, only called once. The caller already has a sufficient check on the output buffer size which applies in more cases, so there is no real gain in robustness in adding the same check inside the internal function. Signed-off-by: Gilles Peskine --- ChangeLog.d/psa_cipher_update_ecp.txt | 2 ++ library/psa_crypto_cipher.c | 9 ++------- 2 files changed, 4 insertions(+), 7 deletions(-) create mode 100644 ChangeLog.d/psa_cipher_update_ecp.txt diff --git a/ChangeLog.d/psa_cipher_update_ecp.txt b/ChangeLog.d/psa_cipher_update_ecp.txt new file mode 100644 index 000000000..1c3fbc6b1 --- /dev/null +++ b/ChangeLog.d/psa_cipher_update_ecp.txt @@ -0,0 +1,2 @@ +Bugfix + * Fix a parameter set but unused in psa_crypto_cipher.c. Fixes #4935. diff --git a/library/psa_crypto_cipher.c b/library/psa_crypto_cipher.c index 1500bd6da..f0bc43657 100644 --- a/library/psa_crypto_cipher.c +++ b/library/psa_crypto_cipher.c @@ -271,9 +271,8 @@ static psa_status_t cipher_set_iv( mbedtls_psa_cipher_operation_t *operation, * This does not need to be aligned to a block boundary. * If there is a partial block at the end of the input, * it is stored in \p ctx for future processing. - * \param output The buffer where the output is written. - * \param output_size The size of \p output in bytes. - * It must be at least `floor((p + input_length) / BS)` + * \param output The buffer where the output is written. Its size + * must be at least `floor((p + input_length) / BS)` * where `p` is the number of bytes in the unprocessed * partial block in \p ctx (`0 <= p <= BS - 1`) and * `BS` is the block size. @@ -287,7 +286,6 @@ static psa_status_t psa_cipher_update_ecb( const uint8_t *input, size_t input_length, uint8_t *output, - size_t output_size, size_t *output_length ) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; @@ -327,7 +325,6 @@ static psa_status_t psa_cipher_update_ecb( goto exit; output += internal_output_length; - output_size -= internal_output_length; *output_length += internal_output_length; ctx->unprocessed_len = 0; } @@ -348,7 +345,6 @@ static psa_status_t psa_cipher_update_ecb( input += block_size; output += internal_output_length; - output_size -= internal_output_length; *output_length += internal_output_length; } @@ -403,7 +399,6 @@ static psa_status_t cipher_update( mbedtls_psa_cipher_operation_t *operation, input, input_length, output, - output_size, output_length ); } else