From: Sami Kerola <kerolasa@iki.fi>
Date: Sat, 22 Nov 2014 00:31:07 +0000 (+0000)
Subject: lib: fix crc32 and crc64 interger overflows [AddressSanitizer]
X-Git-Tag: v2.26-rc1~121
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=95e8d2b3bcc4c276723cbfdb551a4e6152fbb092;p=thirdparty%2Futil-linux.git

lib: fix crc32 and crc64 interger overflows [AddressSanitizer]

lib/crc32.c:111:11: runtime error: unsigned integer overflow: 0 - 1
cannot be represented in type 'size_t' (aka 'unsigned long')

lib/crc64.c:101:12: runtime error: unsigned integer overflow: 0 - 1
cannot be represented in type 'size_t' (aka 'unsigned long')

Signed-off-by: Sami Kerola <kerolasa@iki.fi>
---

diff --git a/lib/crc32.c b/lib/crc32.c
index eaaa06a0cd..be98f1a8d1 100644
--- a/lib/crc32.c
+++ b/lib/crc32.c
@@ -108,8 +108,10 @@ uint32_t crc32(uint32_t seed, const unsigned char *buf, size_t len)
 	uint32_t crc = seed;
 	const unsigned char *p = buf;
 
-	while(len-- > 0)
+	while (len) {
 		crc = crc32_tab[(crc ^ *p++) & 0xff] ^ (crc >> 8);
+		len--;
+	}
 
 	return crc;
 }
diff --git a/lib/crc64.c b/lib/crc64.c
index 091e95d766..0be78e63be 100644
--- a/lib/crc64.c
+++ b/lib/crc64.c
@@ -98,9 +98,10 @@ uint64_t crc64(uint64_t seed, const unsigned char *data, size_t len)
 {
 	uint64_t crc = seed;
 
-	while (len--) {
+	while (len) {
 		int i = ((int) (crc >> 56) ^ *data++) & 0xFF;
 		crc = crc64_tab[i] ^ (crc << 8);
+		len--;
 	}
 
 	return crc;