From: slontis <shane.lontis@oracle.com>
Date: Fri, 17 Jan 2025 07:48:53 +0000 (+1100)
Subject: ML-DSA: Fix endian issue in ossl_ml_dsa_poly_sample_in_ball().
X-Git-Tag: openssl-3.5.0-alpha1~599
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=aabb69b8ba13a398b75f0c86444b1cf3b8a52e4b;p=thirdparty%2Fopenssl.git

ML-DSA: Fix endian issue in ossl_ml_dsa_poly_sample_in_ball().

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Paul Dale <ppzgs1@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/26451)
---

diff --git a/crypto/ml_dsa/ml_dsa_sample.c b/crypto/ml_dsa/ml_dsa_sample.c
index 21c2c380f4e..c3f33a7206b 100644
--- a/crypto/ml_dsa/ml_dsa_sample.c
+++ b/crypto/ml_dsa/ml_dsa_sample.c
@@ -7,6 +7,7 @@
  * https://www.openssl.org/source/license.html
  */
 
+#include <openssl/byteorder.h>
 #include "ml_dsa_local.h"
 #include "ml_dsa_vector.h"
 #include "ml_dsa_matrix.h"
@@ -322,7 +323,7 @@ int ossl_ml_dsa_poly_sample_in_ball(POLY *out_c, const uint8_t *seed, int seed_l
      * grab the first 64 bits - since tau < 64
      * Each bit gives a +1 or -1 value.
      */
-    memcpy(&signs, block, 8);
+    OPENSSL_load_u64_le(&signs, block);
 
     poly_zero(out_c);