freebsd-nq/lib/libmd
Colin Percival 23f6784297 Use unsigned comparisons. Prior to this commit, SHA1_Update and
RIPEMD160_Update were broken when all of the following conditions
applied:
(1) The platform is i386.
(2) The program calling *_Update is statically linked to libmd.
(3) The buffer provided to *_Update is aligned modulo 4 bytes.
(4) The buffer extends beyond 2GB.

Due to the design of this code, SHA1_Update and RIPEMD160_Update will
still be broken if conditions (1)-(3) apply AND the buffer extends
beyond 4GB (i.e., there is an integer overflow in computing "data + len").
Since this remaining bug simply replaces SIGSEGV with a bogus hash (and
non-broken programs should never provide such operands) I don't consider
it to be a serious problem.

MFC After:      1 week
PR:             kern/102795
2007-05-14 05:00:37 +00:00
..
i386
Makefile
md2.copyright
md2.h
md2c.c
md4.copyright
md4.h
md4c.c
md5.copyright
md5.h
md5c.c
mddriver.c
mdX.3
mdXhl.c
ripemd.3
ripemd.h
rmd160c.c
rmd_locl.h
rmdconst.h
rmddriver.c
sha0c.c
sha1c.c
sha256.3
sha256.h
sha256c.c
sha_locl.h
sha.3
sha.h
shadriver.c