From patchwork Fri Oct 21 18:59:36 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andreas Rheinhardt X-Patchwork-Id: 38873 Delivered-To: ffmpegpatchwork2@gmail.com Received: by 2002:a05:6a20:4a86:b0:9d:28a3:170e with SMTP id fn6csp927221pzb; Fri, 21 Oct 2022 12:00:50 -0700 (PDT) X-Google-Smtp-Source: AMsMyM6FrGuwxhazwrLwRcbJBAfniWLDTX+kgDagxatK8REs0LoH3itlhtFZdSvjphWZmZIvFoUy X-Received: by 2002:aa7:c144:0:b0:459:f897:793e with SMTP id r4-20020aa7c144000000b00459f897793emr18720619edp.8.1666378850657; Fri, 21 Oct 2022 12:00:50 -0700 (PDT) Return-Path: Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org. [79.124.17.100]) by mx.google.com with ESMTP id r15-20020a17090638cf00b0078e11e92257si17412936ejd.333.2022.10.21.12.00.44; Fri, 21 Oct 2022 12:00:50 -0700 (PDT) Received-SPF: pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) client-ip=79.124.17.100; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@outlook.com header.s=selector1 header.b=dUdwVQZ5; arc=fail (body hash mismatch); spf=pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) smtp.mailfrom=ffmpeg-devel-bounces@ffmpeg.org; dmarc=fail (p=NONE sp=QUARANTINE dis=NONE) header.from=outlook.com Received: from [127.0.1.1] (localhost [127.0.0.1]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id 2E9BE68BED4; Fri, 21 Oct 2022 22:00:39 +0300 (EEST) X-Original-To: ffmpeg-devel@ffmpeg.org Delivered-To: ffmpeg-devel@ffmpeg.org Received: from EUR04-DB3-obe.outbound.protection.outlook.com (mail-oln040092074078.outbound.protection.outlook.com [40.92.74.78]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id E716368BEC4 for ; Fri, 21 Oct 2022 22:00:32 +0300 (EEST) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=nUS7msD8QhOYaKqQFLa0mjbVvPb1REJfpNPKIkfbl6/GW7EPoZgSeIb8NPAVY+RNckWg/G6iVB0EkWqHTxbjQULJIPlRc5VKB+vxrTa5OjSttZacB4+NEnIL8PXK5NVTGUAfgD7hNs9X3fBPWFZmR4eAInUpRr+SmxpmyoUkv3l+wgAdqUborM+OQrToJk1QV18oTM+9DlYu77Z90E9WuJifoPJ2kw16E0yazrrc/+e880nv0V1p2bywKvgxBepapZsWs2JBJX/EMPWB0lcYFJ5PlDHY9vB0zp+T32fXjj0/9o8fDbexdsLy70/hyX8hs//antE/nGOM3aA5G+5PZw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=iA2HYOkHo2z4SQP4rvnxYVFY9+tz1tdvWvgeVpVodUI=; b=DDAsnGRSBv3x8Y/YQIXJRmcOokc3AeQVnycXTAMJYeGvJzhzYP2ubjqIPP2JfXBkSMrfajVcj0nx7a5e7AFkB3/WzLcy31CnF4+wtbk8ddadeFNoSqzHjUR5Juz+UiT8CwTwvAp89QIqr8PvAQ8XRom801vHw5RZA09zB/IZNt1NtZ+YTdTcCv/IYZ7G4L7V74UrXfySzun4kGagMO3yaxFatIQC0IopICNUFmRspRH/nQyFX2Hu/cOojQFw+m6HUaz8KDfrOpsBjUuEDDsmH93LJExHjfVPbcySuKMRN4uHiPLRc9PF1fQRRh0f/l4uWIj75LRBggRsdKVngOrc2w== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none; dkim=none; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=outlook.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=iA2HYOkHo2z4SQP4rvnxYVFY9+tz1tdvWvgeVpVodUI=; b=dUdwVQZ5KpfIM7brc5RSfskq8NiNB7sfiiqGy6PL6lnPnCQhD9cVegwQQVIMC8MRNyK/2zyHZQ2hNb4CHQYFm86BOiB+R6niaQLTQHYK5YwxIDAd6FvCXVyncgGz6jzITtcjE1dGgT1MURXtd08RGfU7JBb0zKP519kUgqaL0n3SCmuZkLmZGoBSMvFLv2eKyYibXjQIOmROEYTqNHzseGvuriYZsEm0dQewnsM0z6hWCXLKN4RaBMD3+Sv0QKXy4SbdprpOREJH4p7fvVTQu3eyMAryPtO10XAZQ3G4/eniLSy0uyQxS/lX4T5MTjRGwuXUSxPyCK8wZsI1lxpXbg== Received: from AS8P250MB0744.EURP250.PROD.OUTLOOK.COM (2603:10a6:20b:541::14) by PRAP250MB0491.EURP250.PROD.OUTLOOK.COM (2603:10a6:102:291::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5746.21; Fri, 21 Oct 2022 19:00:27 +0000 Received: from AS8P250MB0744.EURP250.PROD.OUTLOOK.COM ([fe80::f9d7:680f:70c4:44fe]) by AS8P250MB0744.EURP250.PROD.OUTLOOK.COM ([fe80::f9d7:680f:70c4:44fe%7]) with mapi id 15.20.5709.015; Fri, 21 Oct 2022 19:00:27 +0000 From: Andreas Rheinhardt To: ffmpeg-devel@ffmpeg.org Date: Fri, 21 Oct 2022 20:59:36 +0200 Message-ID: X-Mailer: git-send-email 2.34.1 In-Reply-To: References: X-TMN: [C0ILxiigDfTGjo94Xs4lfabI+rf8C72gI+jJW+fogAY=] X-ClientProxiedBy: FR0P281CA0047.DEUP281.PROD.OUTLOOK.COM (2603:10a6:d10:48::18) To AS8P250MB0744.EURP250.PROD.OUTLOOK.COM (2603:10a6:20b:541::14) X-Microsoft-Original-Message-ID: <20221021185939.3096155-3-andreas.rheinhardt@outlook.com> MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: AS8P250MB0744:EE_|PRAP250MB0491:EE_ X-MS-Office365-Filtering-Correlation-Id: 865dedfc-b2c5-468c-7e8d-08dab396845a X-MS-Exchange-SLBlob-MailProps: Z9TzpHVL8qp7D/y/uGLRVs6m1Fe8Nvnah+yxVrEPdZ8aRTKjPpnXxNgxJqaQ07wNA+wGd+uA4Rh/aGdKbxm4WdQqPHLvGTXq5k2XT+s9k8cBvVIUg1kYK6/8DbUNijeg9Zkz1KUSQtKsQybRtKCXxV8c0BbS/rD2bmhZAFQkd+AW2I5dQ8g3/TOLdQWA0PpZArDWNP1TIbZxv8nycJvBwo8P1TqSYVO9ZrWIdKT45ZhTQnZVRAi4+hrVvD6x8OwEpPf932aAIegHhG7/hsJUfP9RRPFCc+6gALCuUvukyGWAonhIGPOZQaAIwOxt0/ziafWL3RRa8tWYGKjtI09KLihFF+22fPpV2AV+y2yqXeOltcN7tWn149DN+APRQOwJahkmQrNXXP9Q5tEN6BaA+HEU1F7jlRDjKI9XESlwac3GwB9vMfD0j2YBMz29TeQAGk/Lv/BN74FXZiLmpjlXrYiwaBhJgSNU/At9zWKWrvE+cBtXJ710Lf+MPMdZ2vaajEumwkiXsCGDuN+1OrYBQnoKnYk2Kg6VXSaWNJ0D20TpogrghgIbmJ6YqzRM2YCN60BBGwnZ6Iv6klt5yNbaXwHhSOCcwQHSJQyK+zCVTN+x6GLMms7/2kTFVVeEBISBmRZ7lzkbSuN7iAQ13I8fjaKjQfCasuq78zdXTAin6vIFh8447tG5uKXi24slwG0nWD5gkdg3TReXdUFau693SGl2/lolSv8MYVtQygnGvy/Nse7YxNAlLOHysW28T1SBujZWMBAtlCBOv2Q0uLUoDJUmEbv1VkIDB2FzqJxwtBuxv0nwXUDUonVSL/Lg7Ii7ff+SyGV1hwXsGaOVqwiw/l9zOILfHnLXcY9BSPm2zWpob/2UpV8zMg== X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: SN6gQefXYcaUDRLsSjdJsegPhTXq0+tWyeroEM6s6QzayzKA52/QMTeLoDztefwrJNWFu7SuxGsu0MPhWE7pI7Ko4u6Vgy3ZN93gN5plQJ0P5iKZE7Ifds/Y24h4FLsoYQjHetwPTM4+KaBzZzpP07etJ5LhkL4lp0RFBK5JIf0WQ/uSmr+zBMV5h/Lzsgwg/xSPM2XhYyTn9URoU1fsnDUvG+6wxf3mxZICXOvA8oz5K9l2NAuVt8Bt6A+gfPQKNE+k+PY7670lM6VkRmOvH7m2QWKYWtiMIU3oJU7gXWvn757vV4wbnlXEh1s6E/W4H+F6nhLInli/79f4tjfZiDkcWx4WeminyFYC/Kqh/i0LfsyaxhtbThwQm18fu3qJP8JbxOtnExV0umgdH0Bze9Jgglgw5aPi4fK6dKBwDCEqxGdliA+6ydTHXW238ZaKA7EednFdyWho4Xm4AgReDC4mlaLqU9R2zsKwl+aqFsPDlAlZRDug2krzMDk5GkC3ZSKgSnSl7/HtvLKsRrvkVhp0t958TLvATastXGE6rHLOX4cpG0XhG0pEyWR5jr6OhPC23GsWBGwDAPljayQkK2hLjEonRZTP9b/Rt0Ld0CFJWa2Gv/rAU3Lm/xPz8XUAW3Rc0CFHkeI1TwmKVb7vdEu41RHC2APbVxVp4LGMdgvE+PolHs9jUR1bvzrNRLUO X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: F0NzXSadwrNveVnul4L4rjznsWHDMT6nMFe6XEDqhQOw3hPDHjKXXWZV/Ud+ZPw9G+qWb43LTFx83+j+dJxRyMZTwI8pLoisR02voCXXIA97FYzpCK7FhnlP7gAKfRyLPiEDDfNnTnVpmykP06b/Lx9y3yVOh/ul6eP9FyJmP7fRoQTEk9ylFw8a9rS2+bL3BO3pBCuQlUocoXrfUOxXJDNPEG8pirGjFnnNXy582UyOJc/O0OQljp5WCly/DvwPPBx4bSbwlvLrVuhVNvq6FWUO2IudbDMBwYdia/LlLlIx40IIhLmSaOgDjKxl/OMXPVwjWHJ/X+in1rQ2y8cgNcfCbkfLoJksQB22hGk4eNQP9GC/y1+LdjX24knatjyR0Nur4eG9wYXcjPUNGgSrqxgdKeIw4Ekcg2Z2hDYLaW0KQBgtTwonA9W9A2kkMcuulhXvRTMA5QhJ84Z07Q3qlhbsZnpVCj3KNRLHJ2dHENb/NKrV2lslQgnDRYrl7fRPQ3T9f4nU4M/iOF/8b6JOH6Dcs026pyCXEmSO8LVg6C1JCFhmOlGTHhoO/UXs3HI/HtRxBY6bNwamYXvG29Y5bhzPShc4081fu1WaI74yVQ/HUg37V5fjFH8kNr1I/EL5T1BKJ1MMLCGj4PC2YlTQQq6ET0CLBIhPPD2/a6R6qXjn7XBup2/+si3Qh5TyosvIRjgVsvTQ5gUgPkAdNNBJSzbl+FsxWkDKuIutDiuHe4Frfhr4iRFzuStZExkvG5HVvpJB6JJHrZ6bJRVh5NeUdhADe3X0z3LV7ZMFmJj/jwCL3o3Lead9mdcH/oLhzPefMGR+u2FyAWwabgIjD6apPcq0iaAHODHzizQX/e/l7v577ofRW4uQXeKCNuIZXhFn12c0UQ5/GHr+Yn2dMCaQ2/X5ybu0UKqkO69XMVk/vEvnLKsXYf/5/r1L5abtiMK2tUT2J1FxNRo3C7DH1D/xf4DxE+ifO82mlzOtVLf6l2wWcLY9nPQuhapk6OTgJI9ujAvpp/QebSiAyTm0RS7Iw0CsotsI3duDMRdgjhk5fhar/R6J49ZAETiiCXcarfX02QbEnOBEwr3Y2dFMawZSfR1aAZlpmQZXkWJdsrjksEMk4majz8S9oMLmxmSj9ITKqdH1yE5g2W5qZ1d74aO8/MhF9+SLjTU5WE2RdZfmRGN1iXFyBdl7ACinnvb+L64YQ2rz0gfLVtkA7fCuBXLOlTyP0Bjnzjc7rbdBbJ4v2K/4O9gSrDWS7k4XgRaogKK35dTU+QLJSmXYgaTzgkey4V6GukpWdJBZcbVQsr+MvCf2YM23OZNoC1omKCvIBFke X-OriginatorOrg: outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: 865dedfc-b2c5-468c-7e8d-08dab396845a X-MS-Exchange-CrossTenant-AuthSource: AS8P250MB0744.EURP250.PROD.OUTLOOK.COM X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 21 Oct 2022 19:00:27.5055 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg: 00000000-0000-0000-0000-000000000000 X-MS-Exchange-Transport-CrossTenantHeadersStamped: PRAP250MB0491 Subject: [FFmpeg-devel] [PATCH 4/7] avutil/aes: Don't use misaligned pointers X-BeenThere: ffmpeg-devel@ffmpeg.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: FFmpeg development discussions and patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: FFmpeg development discussions and patches Cc: Andreas Rheinhardt Errors-To: ffmpeg-devel-bounces@ffmpeg.org Sender: "ffmpeg-devel" X-TUID: PnK/FbXWBnBe The AES code uses av_aes_block, a union consisting of uint64_t[2], uint32_t[4], uint8_t[4][4] and uint8_t[16]. subshift() performs byte-wise manipulations of two av_aes_blocks, but when encrypting, it does so with a shift of two bytes; more precisely, it uses "av_aes_block *s1 = (av_aes_block *) (s0[0].u8 - s)" and lateron uses the uint8_t[16] member to access s0. Yet av_aes_block requires to be suitably aligned for the uint64_t[2] member, which s0[0].u8 - 2 is certainly not. This is in violation of 6.3.2.3 (7) of C11. UBSan reports this in the aes_ctr, mov-3elist-encrypted, mov-frag-encrypted, mov-tenc-only-encrypted and srtp tests. Furthermore, there is another issue here: The pointer points outside of s0; this works, because all the accesses lateron use an index >= 3. (Clang-)UBSan reports this as "runtime error: index -2 out of bounds for type 'uint8_t[16]'". This commit fixes both of these issues: The latter issue is fixed by applying an offset of "+ 3" during the cast and subtracting this from the indices used lateron. The former issue is solved by not casting to av_aes_block* at all; instead simply cast to unsigned char*. Signed-off-by: Andreas Rheinhardt --- libavutil/aes.c | 22 ++++++++++++---------- 1 file changed, 12 insertions(+), 10 deletions(-) diff --git a/libavutil/aes.c b/libavutil/aes.c index 029d738f87..8b78daa782 100644 --- a/libavutil/aes.c +++ b/libavutil/aes.c @@ -80,25 +80,27 @@ static inline void addkey_d(uint8_t *dst, const av_aes_block *src, static void subshift(av_aes_block s0[2], int s, const uint8_t *box) { - av_aes_block *s1 = (av_aes_block *) (s0[0].u8 - s); - av_aes_block *s3 = (av_aes_block *) (s0[0].u8 + s); + unsigned char *s1_dst = (unsigned char*)s0[0].u8 + 3 - s; + const unsigned char *s1_src = s1_dst + sizeof(*s0); + unsigned char *s3_dst = (unsigned char*)s0[0].u8 + s + 1; + const unsigned char *s3_src = s3_dst + sizeof(*s0); s0[0].u8[ 0] = box[s0[1].u8[ 0]]; s0[0].u8[ 4] = box[s0[1].u8[ 4]]; s0[0].u8[ 8] = box[s0[1].u8[ 8]]; s0[0].u8[12] = box[s0[1].u8[12]]; - s1[0].u8[ 3] = box[s1[1].u8[ 7]]; - s1[0].u8[ 7] = box[s1[1].u8[11]]; - s1[0].u8[11] = box[s1[1].u8[15]]; - s1[0].u8[15] = box[s1[1].u8[ 3]]; + s1_dst[ 0] = box[s1_src[ 4]]; + s1_dst[ 4] = box[s1_src[ 8]]; + s1_dst[ 8] = box[s1_src[12]]; + s1_dst[12] = box[s1_src[ 0]]; s0[0].u8[ 2] = box[s0[1].u8[10]]; s0[0].u8[10] = box[s0[1].u8[ 2]]; s0[0].u8[ 6] = box[s0[1].u8[14]]; s0[0].u8[14] = box[s0[1].u8[ 6]]; - s3[0].u8[ 1] = box[s3[1].u8[13]]; - s3[0].u8[13] = box[s3[1].u8[ 9]]; - s3[0].u8[ 9] = box[s3[1].u8[ 5]]; - s3[0].u8[ 5] = box[s3[1].u8[ 1]]; + s3_dst[ 0] = box[s3_src[12]]; + s3_dst[12] = box[s3_src[ 8]]; + s3_dst[ 8] = box[s3_src[ 4]]; + s3_dst[ 4] = box[s3_src[ 0]]; } static inline int mix_core(uint32_t multbl[][256], int a, int b, int c, int d)