Giters

libtom / libtomcrypt

LibTomCrypt is a fairly comprehensive, modular and portable cryptographic toolkit that provides developers with a vast array of well known published block ciphers, one-way hash functions, chaining modes, pseudo-random number generators, public key cryptography and a plethora of other routines.

Home Page:https://www.libtom.net

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

src of unsigned_read should be const

mabuchner opened this issue · comments

commented

The ltc_math_descriptor.unsigned_read function pointer has a non-const src pointer argument, which the function is not supposed to modify

libtomcrypt/src/headers/tomcrypt_math.h

Line 179 in 673f5ce

unsigned char *src,

This is error prone as one might accidentally swap dst and src.

The src pointer should get marked as const.

int (*unsigned_read)(void *dst,
                     const unsigned char *src,
                     unsigned long  len);
commented

In various places libtomcrypt tries to use a constant src, but it then has to cast away the constness in order to call the unsigned_read function. E.g. see this

libtomcrypt/src/pk/ecc/ecc_verify_hash.c

Line 78 in 673f5ce

if ((err = mp_read_unsigned_bin(r, (unsigned char *)sig, i)) != CRYPT_OK) { goto error; }