wg: curve25519: handle unaligned loads/stores safely

Reported-by: Chris Hewitt <chris@chrishewitt.net>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>

diff --git a/src/curve25519.c b/src/curve25519.c
index c65b2caf07488136ab6be57d753f7892be431b9f..c733a35d0971f37fae8159f59bb4af74a6f10ed6 100644 (file)
--- a/src/curve25519.c
+++ b/src/curve25519.c
@@ -39,9 +39,23 @@ typedef int64_t s64;
 #define le32_to_cpup(a) (*(a))
 #define cpu_to_le64(a) (a)
 #endif
-#define get_unaligned_le32(a) le32_to_cpup((u32 *)(a))
-#define get_unaligned_le64(a) le64_to_cpup((u64 *)(a))
-#define put_unaligned_le64(s, d) *(u64 *)(d) = cpu_to_le64(s)
+static inline __le32 get_unaligned_le32(const u8 *a)
+{
+       __le32 l;
+       __builtin_memcpy(&l, a, sizeof(l));
+       return le32_to_cpup(&l);
+}
+static inline __le64 get_unaligned_le64(const u8 *a)
+{
+       __le64 l;
+       __builtin_memcpy(&l, a, sizeof(l));
+       return le64_to_cpup(&l);
+}
+static inline void put_unaligned_le64(u64 s, u8 *d)
+{
+       __le64 l = cpu_to_le64(s);
+       __builtin_memcpy(d, &l, sizeof(l));
+}
 #ifndef __always_inline
 #define __always_inline __inline __attribute__((__always_inline__))
 #endif
@@ -70,7 +84,7 @@ static noinline void memzero_explicit(void *s, size_t count)
 
 void curve25519_generate_public(uint8_t pub[static CURVE25519_KEY_SIZE], const uint8_t secret[static CURVE25519_KEY_SIZE])
 {
-       static const uint8_t basepoint[CURVE25519_KEY_SIZE] = { 9 };
+       static const uint8_t basepoint[CURVE25519_KEY_SIZE] __aligned(sizeof(uintptr_t)) = { 9 };
 
        curve25519(pub, secret, basepoint);
 }

diff --git a/src/pubkey.c b/src/pubkey.c
index cf8e256346f1a2d026cf8fba71674be56be30451..9741bcf37a3b8d7874ff5fe7d83c3fe20671ce6a 100644 (file)
--- a/src/pubkey.c
+++ b/src/pubkey.c
@@ -13,7 +13,7 @@
 
 int pubkey_main(int argc, char *argv[])
 {
-       uint8_t key[WG_KEY_LEN];
+       uint8_t key[WG_KEY_LEN] __attribute__((aligned(sizeof(uintptr_t))));
        char base64[WG_KEY_LEN_BASE64];
        int trailing_char;