1
0
mirror of https://git.tartarus.org/simon/putty.git synced 2025-01-09 17:38:00 +00:00

Argon2 hprime: remove pointless bounds check.

Coverity points out that we don't need to check the output buffer
bound before writing out the first 32 bytes of each full-length
BLAKE2b invocation, because the only time we're doing a full-length
one in the first place is if the output buffer bound was at least 64
bytes.

(More specifically: whenever we're in the while loop, length > 64, so
setting chunk = 32 and then checking if chunk > length has a totally
predictable answer.)
This commit is contained in:
Simon Tatham 2021-04-09 17:48:28 +01:00
parent bb59f27386
commit 52fa23c7fe

View File

@ -66,12 +66,9 @@ static void hprime_final(ssh_hash *h, unsigned length, void *vout)
uint8_t hashbuf[64];
ssh_hash_final(h, hashbuf);
unsigned chunk = 32;
if (chunk > length)
chunk = length;
memcpy(out, hashbuf, chunk);
out += chunk;
length -= chunk;
memcpy(out, hashbuf, 32);
out += 32;
length -= 32;
h = blake2b_new_general(length > 64 ? 64 : length);
put_data(h, hashbuf, 64);