From f3820e36f7431ffc6bf63b2848707d27ff7f00cd Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 7 Jun 2019 16:42:35 +0200 Subject: [PATCH] Fix misuse of signed ints in the HAVEGE module Update havege.h to the new version in the crypto module. This is technically an API break, since the type mbedtls_havege_state is exposed in a public header. However normal applications should not be affected. There is no ABI break on platforms where uint32_t and int are treated identically, which is virtually all of them. Fix #2598 --- ChangeLog | 2 ++ include/mbedtls/havege.h | 7 ++++--- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/ChangeLog b/ChangeLog index bf835b65f..189fd925b 100644 --- a/ChangeLog +++ b/ChangeLog @@ -58,11 +58,13 @@ Bugfix * Set the next sequence of the subject_alt_name to NULL when deleting sequence on failure. Found and fix suggested by Philippe Antoine. Credit to OSS-Fuzz. + * Fix misuse of signed arithmetic in the HAVEGE module. #2598 API Changes * Extend the MBEDTLS_SSL_EXPORT_KEYS to export the handshake randbytes, and the used tls-prf. * Add public API for tls-prf function, according to requested enum. + * The HAVEGE state type now uses uint32_t elements instead of int. Changes * Server's RSA certificate in certs.c was SHA-1 signed. In the default diff --git a/include/mbedtls/havege.h b/include/mbedtls/havege.h index 4c1c86087..749257a36 100644 --- a/include/mbedtls/havege.h +++ b/include/mbedtls/havege.h @@ -31,6 +31,7 @@ #endif #include +#include #define MBEDTLS_HAVEGE_COLLECT_SIZE 1024 @@ -43,9 +44,9 @@ extern "C" { */ typedef struct mbedtls_havege_state { - int PT1, PT2, offset[2]; - int pool[MBEDTLS_HAVEGE_COLLECT_SIZE]; - int WALK[8192]; + uint32_t PT1, PT2, offset[2]; + uint32_t pool[MBEDTLS_HAVEGE_COLLECT_SIZE]; + uint32_t WALK[8192]; } mbedtls_havege_state;