boringssl

History

David Benjamin 0375127606 Promise more accurate bounds than EVP_MD_MAX_SIZE. A caller using EVP_Digest* which a priori knows tighter bounds on the hash function used (perhaps because it is always a particular hash) can assume the function will not write more bytes than the size of the hash. The letter of the rules before vaguely[] allowed for more than EVP_MD_MAX_SIZE bytes written which made for some unreasonable code in Chromium. Officially clarify this and add tests which, when paired with valgrind and ASan prove it. BUG=59 [] Not really. I think it already promised the output length will be both the number of bytes written and the size of the hash and the size of the hash is given by what the function promises to compute. Meh. Change-Id: I736d526e81cca30475c90897bca896293ff30278 Reviewed-on: https://boringssl-review.googlesource.com/9066 Reviewed-by: Eric Roman <ericroman@google.com> Reviewed-by: David Benjamin <davidben@google.com> Commit-Queue: David Benjamin <davidben@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>	2016-08-01 23:24:04 +00:00
..
openssl	Promise more accurate bounds than EVP_MD_MAX_SIZE.	2016-08-01 23:24:04 +00:00

David Benjamin 0375127606 Promise more accurate bounds than EVP_MD_MAX_SIZE.

A caller using EVP_Digest* which a priori knows tighter bounds on the
hash function used (perhaps because it is always a particular hash) can
assume the function will not write more bytes than the size of the hash.

The letter of the rules before vaguely[*] allowed for more than
EVP_MD_MAX_SIZE bytes written which made for some unreasonable code in
Chromium. Officially clarify this and add tests which, when paired with
valgrind and ASan prove it.

BUG=59

[*] Not really. I think it already promised the output length will be
both the number of bytes written and the size of the hash and the size
of the hash is given by what the function promises to compute. Meh.

Change-Id: I736d526e81cca30475c90897bca896293ff30278
Reviewed-on: https://boringssl-review.googlesource.com/9066
Reviewed-by: Eric Roman <ericroman@google.com>
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>

2016-08-01 23:24:04 +00:00

openssl

Promise more accurate bounds than EVP_MD_MAX_SIZE.

2016-08-01 23:24:04 +00:00