about summary refs log tree commit diff
diff options
context:
space:
mode:
authorPaul Eggert <eggert@cs.ucla.edu>2012-08-15 20:49:45 +0200
committerAndreas Jaeger <aj@suse.de>2012-08-15 20:49:45 +0200
commit02dcb6c5a240aa6c80ac55748a9ef88532427d06 (patch)
tree85be77143fae324da39c15ba39123dc9bac07c77
parentbe75d758071ac8d87149c0e806fc96dd3d277696 (diff)
downloadglibc-02dcb6c5a240aa6c80ac55748a9ef88532427d06.tar.gz
glibc-02dcb6c5a240aa6c80ac55748a9ef88532427d06.tar.xz
glibc-02dcb6c5a240aa6c80ac55748a9ef88532427d06.zip
Fix BZ#14090 - md5/sha512 with large sizes
-rw-r--r--ChangeLog8
-rw-r--r--crypt/md5.c9
-rw-r--r--crypt/sha512.c9
3 files changed, 17 insertions, 9 deletions
diff --git a/ChangeLog b/ChangeLog
index d1d4e9e959..b5dd74fcb6 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,11 @@
+2012-08-15  Paul Eggert  <eggert@cs.ucla.edu>
+
+	[BZ #14090]
+	* crypt/md5.c (md5_process_block): Don't assume the buffer
+	length is less than 2**32.
+	* crypt/sha512.c (sha512_process_block): Don't assume the buffer
+	length is less than 2**64.
+
 2012-08-15  Roland McGrath  <roland@hack.frob.com>
 
 	* string/str-two-way.h: Include <sys/param.h>.
diff --git a/crypt/md5.c b/crypt/md5.c
index 292bee1845..3d2e79b905 100644
--- a/crypt/md5.c
+++ b/crypt/md5.c
@@ -1,7 +1,6 @@
 /* Functions to compute MD5 message digest of files or memory blocks.
    according to the definition of MD5 in RFC 1321 from April 1992.
-   Copyright (C) 1995,1996,1997,1999,2000,2001,2005,2011
-	Free Software Foundation, Inc.
+   Copyright (C) 1995-2012 Free Software Foundation, Inc.
    This file is part of the GNU C Library.
 
    The GNU C Library is free software; you can redistribute it and/or
@@ -312,13 +311,13 @@ md5_process_block (buffer, len, ctx)
   md5_uint32 B = ctx->B;
   md5_uint32 C = ctx->C;
   md5_uint32 D = ctx->D;
+  md5_uint32 lolen = len;
 
   /* First increment the byte count.  RFC 1321 specifies the possible
      length of the file up to 2^64 bits.  Here we only compute the
      number of bytes.  Do a double word increment.  */
-  ctx->total[0] += len;
-  if (ctx->total[0] < len)
-    ++ctx->total[1];
+  ctx->total[0] += lolen;
+  ctx->total[1] += (len >> 31 >> 1) + (ctx->total[0] < lolen);
 
   /* Process all bytes in the buffer with 64 bytes in each round of
      the loop.  */
diff --git a/crypt/sha512.c b/crypt/sha512.c
index 6e531c58ec..bec7bb3515 100644
--- a/crypt/sha512.c
+++ b/crypt/sha512.c
@@ -1,6 +1,6 @@
 /* Functions to compute SHA512 message digest of files or memory blocks.
    according to the definition of SHA512 in FIPS 180-2.
-   Copyright (C) 2007, 2011 Free Software Foundation, Inc.
+   Copyright (C) 2007-2012 Free Software Foundation, Inc.
    This file is part of the GNU C Library.
 
    The GNU C Library is free software; you can redistribute it and/or
@@ -123,9 +123,10 @@ sha512_process_block (const void *buffer, size_t len, struct sha512_ctx *ctx)
 #ifdef USE_TOTAL128
   ctx->total128 += len;
 #else
-  ctx->total[TOTAL128_low] += len;
-  if (ctx->total[TOTAL128_low] < len)
-    ++ctx->total[TOTAL128_high];
+  uint64_t lolen = len;
+  ctx->total[TOTAL128_low] += lolen;
+  ctx->total[TOTAL128_high] += ((len >> 63 >> 1)
+				+ (ctx->total[TOTAL128_low] < lolen));
 #endif
 
   /* Process all bytes in the buffer with 128 bytes in each round of