From 1c198bf22bd96abe8ee91de6f49ea2feab0d7a12 Mon Sep 17 00:00:00 2001 From: Tobias Brunner Date: Thu, 16 Jun 2022 18:18:26 +0200 Subject: [PATCH] fips-prf: Add explicit bound check to avoid GCC 12 compile warning MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit GCC assumes this->b is zero (or may be zero) and spits out the following warning (or error with -Werror): src/libstrongswan/plugins/fips_prf/fips_prf.c:124:12: error: array subscript 18446744073709551615 is above array bounds of ‘uint8_t[]’ {aka ‘unsigned char[]’} [-Werror=array-bounds] 124 | one[this->b - 1] = 0x01; | ~~~^~~~~~~~~~~~~ --- src/libstrongswan/plugins/fips_prf/fips_prf.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/libstrongswan/plugins/fips_prf/fips_prf.c b/src/libstrongswan/plugins/fips_prf/fips_prf.c index a51cfe105f..3acec596e2 100644 --- a/src/libstrongswan/plugins/fips_prf/fips_prf.c +++ b/src/libstrongswan/plugins/fips_prf/fips_prf.c @@ -114,9 +114,9 @@ METHOD(prf_t, get_bytes, bool, uint8_t *xkey = this->key; uint8_t one[this->b]; - if (!w) + if (!w || !this->b) { - /* append mode is not supported */ + /* append mode is not supported, the other check is to make GCC happy */ return FALSE; } -- 2.47.2