commit 45b2464158379f48cec6e35a1ef503ddea1511a6
author David Benjamin <davidben@google.com> Fri Jun 21 17:00:31 2024 -0400
committer Boringssl LUCI CQ <boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com> Fri Jun 21 21:53:36 2024 +0000
tree 7f37b25e1d3c8b56eb8f9485c717a36e62a6b2f2
parent 2fcdd11f6d33b667968a5bc5147e2ba83a2082b8

Rewrite CBS_get_asn1_int64 slightly

GCC 13.2.0 has a false positive in -Wstringop-overflow. Oddly, I can
only reproduce it with -O2 -march=native. The old code was also correct,
but this version seems to do a better job of avoiding the warning.
Instead of reversing the variable-length string while sign-extending, we
assemble a big-endian sign-extended version and then do a fixed-width
byte swap at the end.

Fixed: 42290598
Change-Id: I6d5de1e1d6d117f6b5947d3a2155e794764eb472
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/69547
Commit-Queue: David Benjamin <davidben@google.com>
Reviewed-by: Adam Langley <agl@google.com>
Auto-Submit: David Benjamin <davidben@google.com>

crypto/bytestring/cbs.c

diff --git a/crypto/bytestring/cbs.c b/crypto/bytestring/cbs.c
index bf94db1..c5f0464 100644
--- a/crypto/bytestring/cbs.c
+++ b/crypto/bytestring/cbs.c
@@ -507,11 +507,9 @@
     return 0;
   }
   uint8_t sign_extend[sizeof(int64_t)];
-  memset(sign_extend, is_negative ? 0xff : 0, sizeof(sign_extend));
-  for (size_t i = 0; i < len; i++) {
-    sign_extend[i] = data[len - i - 1];
-  }
-  memcpy(out, sign_extend, sizeof(sign_extend));
+  OPENSSL_memset(sign_extend, is_negative ? 0xff : 0, sizeof(sign_extend));
+  OPENSSL_memcpy(sign_extend + sizeof(int64_t) - len, data, len);
+  *out = CRYPTO_load_u64_be(sign_extend);
   return 1;
 }