From: Mark Adler <madler@alumni.caltech.edu>
Date: Tue, 4 Oct 2016 05:33:26 +0000 (-0700)
Subject: Note the violation of the strict aliasing rule in crc32.c.
X-Git-Tag: 1.9.9-b1~742
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=52380f5b4475ad92c4aa5f033fa119fcb914e633;p=thirdparty%2Fzlib-ng.git

Note the violation of the strict aliasing rule in crc32.c.

See the comment for more details. This is in response to an issue
raised as a result of a security audit of the zlib code by Trail
of Bits and TrustInSoft, in support of the Mozilla Foundation.
---

diff --git a/crc32.c b/crc32.c
index 7dd287ee1..4f38163a4 100644
--- a/crc32.c
+++ b/crc32.c
@@ -247,6 +247,18 @@ uint32_t ZEXPORT crc32(uint32_t crc, const unsigned char *buf, z_off64_t len) {
 }
 
 
+/*
+   This BYFOUR code accesses the passed unsigned char * buffer with a 32-bit
+   integer pointer type. This violates the strict aliasing rule, where a
+   compiler can assume, for optimization purposes, that two pointers to
+   fundamentally different types won't ever point to the same memory. This can
+   manifest as a problem only if one of the pointers is written to. This code
+   only reads from those pointers. So long as this code remains isolated in
+   this compilation unit, there won't be a problem. For this reason, this code
+   should not be copied and pasted into a compilation unit in which other code
+   writes to the buffer that is passed to these routines.
+ */
+
 /* ========================================================================= */
 #if BYTE_ORDER == LITTLE_ENDIAN
 #define DOLIT4 c ^= *buf4++; \