2016-05-20 22:46:29 +08:00
|
|
|
/*
|
2024-03-20 20:07:54 +08:00
|
|
|
* Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
|
2016-05-20 22:46:29 +08:00
|
|
|
*
|
2018-12-06 20:44:07 +08:00
|
|
|
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
2016-05-20 22:46:29 +08:00
|
|
|
* this file except in compliance with the License. You can obtain a copy
|
|
|
|
|
* in the file LICENSE in the source distribution or at
|
|
|
|
|
* https://www.openssl.org/source/license.html
|
|
|
|
|
*/
|
2017-06-07 23:23:37 +08:00
|
|
|
#include <openssl/crypto.h>
|
2016-05-20 22:46:29 +08:00
|
|
|
|
2018-07-29 20:11:49 +08:00
|
|
|
#include "internal/tsan_assist.h"
|
|
|
|
|
|
2016-05-20 22:46:29 +08:00
|
|
|
struct lhash_node_st {
|
|
|
|
|
void *data;
|
|
|
|
|
struct lhash_node_st *next;
|
|
|
|
|
unsigned long hash;
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
struct lhash_st {
|
2016-05-22 16:57:18 +08:00
|
|
|
OPENSSL_LH_NODE **b;
|
2016-05-20 22:46:29 +08:00
|
|
|
OPENSSL_LH_COMPFUNC comp;
|
|
|
|
|
OPENSSL_LH_HASHFUNC hash;
|
Introduce hash thunking functions to do proper casting
ubsan on clang17 has started warning about the following undefined
behavior:
crypto/lhash/lhash.c:299:12: runtime error: call to function err_string_data_hash through pointer to incorrect function type 'unsigned long (*)(const void *)'
[...]/crypto/err/err.c:184: note: err_string_data_hash defined here
#0 0x7fa569e3a434 in getrn [...]/crypto/lhash/lhash.c:299:12
#1 0x7fa569e39a46 in OPENSSL_LH_insert [...]/crypto/lhash/lhash.c:119:10
#2 0x7fa569d866ee in err_load_strings [...]/crypto/err/err.c:280:15
[...]
The issue occurs because, the generic hash functions (OPENSSL_LH_*) will
occasionaly call back to the type specific registered functions for hash
generation/comparison/free/etc, using functions of the (example)
prototype:
[return value] <hash|cmp|free> (void *, [void *], ...)
While the functions implementing hash|cmp|free|etc are defined as
[return value] <fnname> (TYPE *, [TYPE *], ...)
The compiler, not knowing the type signature of the function pointed to
by the implementation, performs no type conversion on the function
arguments
While the C language specification allows for pointers to data of one
type to be converted to pointers of another type, it does not
allow for pointers to functions with one signature to be called
while pointing to functions of another signature. Compilers often allow
this behavior, but strictly speaking it results in undefined behavior
As such, ubsan warns us about this issue
This is an potential fix for the issue, implemented using, in effect,
thunking macros. For each hash type, an additional set of wrapper
funtions is created (currently for compare and hash, but more will be
added for free/doall/etc). The corresponding thunking macros for each
type cases the actuall corresponding callback to a function pointer of
the proper type, and then calls that with the parameters appropriately
cast, avoiding the ubsan warning
This approach is adventageous as it maintains a level of type safety,
but comes at the cost of having to implement several additional
functions per hash table type.
Related to #22896
Reviewed-by: Sasa Nedvedicky <sashan@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/23192)
2023-12-03 11:22:32 +08:00
|
|
|
OPENSSL_LH_HASHFUNCTHUNK hashw;
|
|
|
|
|
OPENSSL_LH_COMPFUNCTHUNK compw;
|
|
|
|
|
OPENSSL_LH_DOALL_FUNC_THUNK daw;
|
|
|
|
|
OPENSSL_LH_DOALL_FUNCARG_THUNK daaw;
|
2016-05-20 22:46:29 +08:00
|
|
|
unsigned int num_nodes;
|
|
|
|
|
unsigned int num_alloc_nodes;
|
|
|
|
|
unsigned int p;
|
|
|
|
|
unsigned int pmax;
|
|
|
|
|
unsigned long up_load; /* load times 256 */
|
|
|
|
|
unsigned long down_load; /* load times 256 */
|
|
|
|
|
unsigned long num_items;
|
|
|
|
|
int error;
|
|
|
|
|
};
|
