GCC 15 warning for GCM implementation
NIIBE Yutaka
gniibe at fsij.org
Sat Jul 5 03:03:36 CEST 2025
Hello,
I encountered a warning when I use GCC 15.
==========================
libgcrypt/cipher/cipher-gcm.c: In function 'do_ghash_buf.constprop':
libgcrypt/cipher/cipher-gcm.c:764:23: warning: array subscript 17 is above array bounds of 'unsigned char[16]' [-Warray-bounds=]
764 | memset (&c->u_mode.gcm.macbuf[unused], 0, n);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~
==========================
It's not the case actually. The size_t type of n (unsigned) might be
the cause of confusion, I suppose.
To silence the warning, I tried this patch:
==========================
diff --git a/cipher/cipher-gcm.c b/cipher/cipher-gcm.c
index 5bb98015..ef657742 100644
--- a/cipher/cipher-gcm.c
+++ b/cipher/cipher-gcm.c
@@ -753,14 +753,12 @@ do_ghash_buf(gcry_cipher_hd_t c, byte *hash, const byte *buf,
}
if (!buflen)
{
- if (!do_padding && unused < blocksize)
+ if (unused < blocksize)
{
- break;
- }
+ if (!do_padding)
+ break;
- n = blocksize - unused;
- if (n > 0)
- {
+ n = blocksize - unused;
memset (&c->u_mode.gcm.macbuf[unused], 0, n);
unused = blocksize;
}
==========================
That is, new code will be following:
==========================
if (!buflen)
{
if (unused < blocksize)
{
if (!do_padding)
break;
n = blocksize - unused;
memset (&c->u_mode.gcm.macbuf[unused], 0, n);
unused = blocksize;
}
}
==========================
I think that new code has clean semantics and read easier (computing
N only when the condition holds).
Any suggestions are welcome.
--
More information about the Gcrypt-devel
mailing list