[ub] ub due to left operand of shift

Jens Maurer Jens.Maurer at gmx.net
Fri Oct 25 21:50:53 CEST 2013


On 10/25/2013 09:36 PM, John Regehr wrote:
>> What reason do you have to believe that crypto is using any signed
>> arithmetic?  I would not.
> 
> Here's an example that's at least slightly interesting, from the latest 
> version of LibTomCrypt:
> 
> kappa[i] =
>           (key[pos    ] << 24) ^
>           (key[pos + 1] << 16) ^
>           (key[pos + 2] <<  8) ^
>           (key[pos + 3]      );
> 
> key is a pointer to unsigned char. Of course, the array element becomes 
> signed after promotion. The shift by 24 then executes an undefined 
> behavior whenever the shifted value is >127.
> 
> So the interesting thing is that the developer is basically doing things 
> right and getting hosed by the arithmetic conversions.

If I'm reading 5p10 correctly, this should help (and is consistently
expressing intent):

kappa[i] =
          (key[pos    ] << 24u) ^
          (key[pos + 1] << 16u) ^
          (key[pos + 2] <<  8u) ^
          (key[pos + 3]      );

Jens


More information about the ub mailing list