From: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date: Thu, 10 Mar 2016 16:53:01 +0000 (+0100)
Subject: des: assign value after sanity check to avoid undefined behavior
X-Git-Tag: nettle_3.3_release_20161001~62
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=45a19a4bc6c72c07dcd4cd7e84b2c2bbdb3f60dd;p=thirdparty%2Fnettle.git

des: assign value after sanity check to avoid undefined behavior

This corrects issues of the following type caught with -fsanitize=undefined
des.c:176:42: runtime error: index 42 out of bounds for type 'int8_t [26][4]'
---

diff --git a/des.c b/des.c
index f880f8f8..ebde9351 100644
--- a/des.c
+++ b/des.c
@@ -173,10 +173,13 @@ des_weak_p(const uint8_t *key)
   int8_t k1 = key[1] >> 1;
 
   unsigned hash = asso_values[k1 + 1] + asso_values[k0];
-  const int8_t *candidate = weak_key_hash[hash];
+  const int8_t *candidate;
 
   if (hash > 25)
     return 0;
+
+  candidate = weak_key_hash[hash];
+
   if (k0 != candidate[0]
       || k1 != candidate[1])
     return 0;