From 2f97b11031d2329a257f1e0ea8b7c9dc22e88e00 Mon Sep 17 00:00:00 2001
From: "John M. Schanck" <jschanck@uwaterloo.ca>
Date: Fri, 16 Oct 2020 07:48:23 -0400
Subject: [PATCH] saber: fix initialization and casting issues

---
 crypto_kem/firesaber/clean/SABER_indcpa.c  | 4 ++--
 crypto_kem/firesaber/clean/cbd.c           | 2 +-
 crypto_kem/lightsaber/clean/SABER_indcpa.c | 4 ++--
 crypto_kem/saber/clean/SABER_indcpa.c      | 4 ++--
 crypto_kem/saber/clean/cbd.c               | 2 +-
 5 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/crypto_kem/firesaber/clean/SABER_indcpa.c b/crypto_kem/firesaber/clean/SABER_indcpa.c
index 8f4364e7..76156e79 100644
--- a/crypto_kem/firesaber/clean/SABER_indcpa.c
+++ b/crypto_kem/firesaber/clean/SABER_indcpa.c
@@ -13,7 +13,7 @@
 void PQCLEAN_FIRESABER_CLEAN_indcpa_kem_keypair(uint8_t pk[SABER_INDCPA_PUBLICKEYBYTES], uint8_t sk[SABER_INDCPA_SECRETKEYBYTES]) {
     uint16_t A[SABER_L][SABER_L][SABER_N];
     uint16_t s[SABER_L][SABER_N];
-    uint16_t b[SABER_L][SABER_N] = {0};
+    uint16_t b[SABER_L][SABER_N] = {{0}};
 
     uint8_t seed_A[SABER_SEEDBYTES];
     uint8_t seed_s[SABER_NOISE_SEEDBYTES];
@@ -41,7 +41,7 @@ void PQCLEAN_FIRESABER_CLEAN_indcpa_kem_keypair(uint8_t pk[SABER_INDCPA_PUBLICKE
 void PQCLEAN_FIRESABER_CLEAN_indcpa_kem_enc(uint8_t ciphertext[SABER_BYTES_CCA_DEC], const uint8_t m[SABER_KEYBYTES], const uint8_t seed_sp[SABER_NOISE_SEEDBYTES], const uint8_t pk[SABER_INDCPA_PUBLICKEYBYTES]) {
     uint16_t A[SABER_L][SABER_L][SABER_N];
     uint16_t sp[SABER_L][SABER_N];
-    uint16_t bp[SABER_L][SABER_N] = {0};
+    uint16_t bp[SABER_L][SABER_N] = {{0}};
     uint16_t vp[SABER_N] = {0};
     uint16_t mp[SABER_N];
     uint16_t b[SABER_L][SABER_N];
diff --git a/crypto_kem/firesaber/clean/cbd.c b/crypto_kem/firesaber/clean/cbd.c
index 8032eb5c..28fbc61c 100644
--- a/crypto_kem/firesaber/clean/cbd.c
+++ b/crypto_kem/firesaber/clean/cbd.c
@@ -25,7 +25,7 @@ void PQCLEAN_FIRESABER_CLEAN_cbd(uint16_t s[SABER_N], const uint8_t buf[SABER_PO
     int i, j;
 
     for (i = 0; i < SABER_N / 4; i++) {
-        t = load_littleendian(buf + 3 * i, 3);
+        t = (uint32_t) load_littleendian(buf + 3 * i, 3);
         d = 0;
         for (j = 0; j < 3; j++) {
             d += (t >> j) & 0x249249;
diff --git a/crypto_kem/lightsaber/clean/SABER_indcpa.c b/crypto_kem/lightsaber/clean/SABER_indcpa.c
index ccb72492..4b9cb150 100644
--- a/crypto_kem/lightsaber/clean/SABER_indcpa.c
+++ b/crypto_kem/lightsaber/clean/SABER_indcpa.c
@@ -13,7 +13,7 @@
 void PQCLEAN_LIGHTSABER_CLEAN_indcpa_kem_keypair(uint8_t pk[SABER_INDCPA_PUBLICKEYBYTES], uint8_t sk[SABER_INDCPA_SECRETKEYBYTES]) {
     uint16_t A[SABER_L][SABER_L][SABER_N];
     uint16_t s[SABER_L][SABER_N];
-    uint16_t b[SABER_L][SABER_N] = {0};
+    uint16_t b[SABER_L][SABER_N] = {{0}};
 
     uint8_t seed_A[SABER_SEEDBYTES];
     uint8_t seed_s[SABER_NOISE_SEEDBYTES];
@@ -41,7 +41,7 @@ void PQCLEAN_LIGHTSABER_CLEAN_indcpa_kem_keypair(uint8_t pk[SABER_INDCPA_PUBLICK
 void PQCLEAN_LIGHTSABER_CLEAN_indcpa_kem_enc(uint8_t ciphertext[SABER_BYTES_CCA_DEC], const uint8_t m[SABER_KEYBYTES], const uint8_t seed_sp[SABER_NOISE_SEEDBYTES], const uint8_t pk[SABER_INDCPA_PUBLICKEYBYTES]) {
     uint16_t A[SABER_L][SABER_L][SABER_N];
     uint16_t sp[SABER_L][SABER_N];
-    uint16_t bp[SABER_L][SABER_N] = {0};
+    uint16_t bp[SABER_L][SABER_N] = {{0}};
     uint16_t vp[SABER_N] = {0};
     uint16_t mp[SABER_N];
     uint16_t b[SABER_L][SABER_N];
diff --git a/crypto_kem/saber/clean/SABER_indcpa.c b/crypto_kem/saber/clean/SABER_indcpa.c
index fe54f4ca..c36f02ea 100644
--- a/crypto_kem/saber/clean/SABER_indcpa.c
+++ b/crypto_kem/saber/clean/SABER_indcpa.c
@@ -13,7 +13,7 @@
 void PQCLEAN_SABER_CLEAN_indcpa_kem_keypair(uint8_t pk[SABER_INDCPA_PUBLICKEYBYTES], uint8_t sk[SABER_INDCPA_SECRETKEYBYTES]) {
     uint16_t A[SABER_L][SABER_L][SABER_N];
     uint16_t s[SABER_L][SABER_N];
-    uint16_t b[SABER_L][SABER_N] = {0};
+    uint16_t b[SABER_L][SABER_N] = {{0}};
 
     uint8_t seed_A[SABER_SEEDBYTES];
     uint8_t seed_s[SABER_NOISE_SEEDBYTES];
@@ -41,7 +41,7 @@ void PQCLEAN_SABER_CLEAN_indcpa_kem_keypair(uint8_t pk[SABER_INDCPA_PUBLICKEYBYT
 void PQCLEAN_SABER_CLEAN_indcpa_kem_enc(uint8_t ciphertext[SABER_BYTES_CCA_DEC], const uint8_t m[SABER_KEYBYTES], const uint8_t seed_sp[SABER_NOISE_SEEDBYTES], const uint8_t pk[SABER_INDCPA_PUBLICKEYBYTES]) {
     uint16_t A[SABER_L][SABER_L][SABER_N];
     uint16_t sp[SABER_L][SABER_N];
-    uint16_t bp[SABER_L][SABER_N] = {0};
+    uint16_t bp[SABER_L][SABER_N] = {{0}};
     uint16_t vp[SABER_N] = {0};
     uint16_t mp[SABER_N];
     uint16_t b[SABER_L][SABER_N];
diff --git a/crypto_kem/saber/clean/cbd.c b/crypto_kem/saber/clean/cbd.c
index e0ccef9d..b8dee33b 100644
--- a/crypto_kem/saber/clean/cbd.c
+++ b/crypto_kem/saber/clean/cbd.c
@@ -25,7 +25,7 @@ void PQCLEAN_SABER_CLEAN_cbd(uint16_t s[SABER_N], const uint8_t buf[SABER_POLYCO
     int i, j;
 
     for (i = 0; i < SABER_N / 4; i++) {
-        t = load_littleendian(buf + 4 * i, 4);
+        t = (uint32_t) load_littleendian(buf + 4 * i, 4);
         d = 0;
         for (j = 0; j < 4; j++) {
             d += (t >> j) & 0x11111111;