Coverity scan reported:
CID 449815: Memory - illegal accesses (OVERRUN)
Overrunning array of 64 bytes at byte offset 64 by dereferencing pointer
"sctx->buffer + partial". [Note: The source code implementation of the
function has been overridden by a builtin model.]
In line: 252
memset(sctx->buffer + partial, 0, SM3_BLOCK_SIZE - partial);
The respective line should be:
memset(sctx->buffer + partial, 0, SM3_BLOCK_SIZE - partial - 1);
as partial gets incremented by one before.
Signed-off-by: Heiko Schocher <hs@nabladev.com>
Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
sctx->buffer[partial++] = 0x80;
if (partial > bit_offset) {
- memset(sctx->buffer + partial, 0, SM3_BLOCK_SIZE - partial);
+ memset(sctx->buffer + partial, 0, SM3_BLOCK_SIZE - partial - 1);
partial = 0;
sm3_block(sctx, sctx->buffer, 1, W);
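Review bot: The new memset length `SM3_BLOCK_SIZE - partial - 1` looks wrong for every value of `partial`, because `sctx->buffer[partial++] = 0x80;` has already advanced `partial` to the first byte after the 0x80 marker. If `partial` equals SM3_BLOCK_SIZE at this point (the offset-64 case in the Coverity report), the length evaluates to -1, which memset receives as a very large size_t, so what was a zero-length call becomes a real overrun. For any smaller `partial`, the final byte `sctx->buffer[SM3_BLOCK_SIZE - 1]` is no longer cleared, so stale data is fed to `sm3_block()` as padding and the digest changes. The original length `SM3_BLOCK_SIZE - partial` ends exactly at the end of the 64-byte buffer; I would keep it and, if the warning has to be silenced, guard the call with `if (partial < SM3_BLOCK_SIZE)`. A known-answer test with message lengths that take this branch would catch either regression.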