From: Stefan Sperling
Subject: Re: abort() calls in hash.c
To: gameoftrees@openbsd.org
Date: Thu, 22 Aug 2024 21:51:02 +0200
On Fri, Aug 09, 2024 at 09:52:49PM +0200, Stefan Sperling wrote:
> In the spirit of commit b808e01085d775b284878dfeea5c06339a9f2ec2 shouldn't
> we keep the abort() call in got_hash_final_object_id() intact even with
> sha2 support in place?
>
> I've added a few more that catch invalid hash algos in other places, too.
> None of these should ever trigger, regress seems happy.
>
> ok?
ping
>
> diff /home/stsp/src/got
> commit - faf51db5e8152629d9c4aa4672b3f26e6acecf10
> path + /home/stsp/src/got
> blob - d91f248fe08f8bda24931834c38c29dfd8d08fd2
> file + lib/hash.c
> --- lib/hash.c
> +++ lib/hash.c
> @@ -198,6 +198,8 @@ got_hash_init(struct got_hash *hash, enum got_hash_alg
> SHA1Init(&hash->sha1_ctx);
> else if (algo == GOT_HASH_SHA256)
> SHA256Init(&hash->sha256_ctx);
> + else
> + abort();
> }
>
> void
> @@ -207,6 +209,8 @@ got_hash_update(struct got_hash *hash, const void *dat
> SHA1Update(&hash->sha1_ctx, data, len);
> else if (hash->algo == GOT_HASH_SHA256)
> SHA256Update(&hash->sha256_ctx, data, len);
> + else
> + abort();
> }
>
> void
> @@ -216,6 +220,8 @@ got_hash_final(struct got_hash *hash, uint8_t *out)
> SHA1Final(out, &hash->sha1_ctx);
> else if (hash->algo == GOT_HASH_SHA256)
> SHA256Final(out, &hash->sha256_ctx);
> + else
> + abort();
> }
>
> void
> @@ -225,8 +231,10 @@ got_hash_final_object_id(struct got_hash *hash, struct
> id->algo = hash->algo;
> if (hash->algo == GOT_HASH_SHA1)
> SHA1Final(id->hash, &hash->sha1_ctx);
> - else
> + else if (hash->algo == GOT_HASH_SHA256)
> SHA256Final(id->hash, &hash->sha256_ctx);
> + else
> + abort();
> }
>
> int
> @@ -236,5 +244,7 @@ got_hash_cmp(enum got_hash_algorithm algo, uint8_t *b1
> return memcmp(b1, b2, SHA1_DIGEST_LENGTH);
> else if (algo == GOT_HASH_SHA256)
> return memcmp(b1, b2, SHA256_DIGEST_LENGTH);
> + else
> + abort();
> return -1;
> }
>
>
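Review bot: The `else abort();` added to got_hash_init() carries no comment saying why an unrecognised algorithm terminates the process instead of returning. The same is true of the identical branches added in got_hash_update(), got_hash_final(), got_hash_final_object_id() and got_hash_cmp(). A one-line comment at the first of them, for example `/* unknown hash algorithm is a caller bug; abort rather than continue with an unset context or digest */`, would record the intent and discourage a later cleanup from turning these back into silent fall-throughs. The body of got_hash_init() starts outside the hunk, so whether `hash->algo` is stored before this check cannot be seen here.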
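Review bot: The if/else-if chain in got_hash_final_object_id() catches a missing algorithm only at run time, and only on a path that happens to be exercised. A `switch` on `hash->algo` with no `default`, followed by the `abort()`, keeps the same run-time behaviour and also lets the compiler's enum-switch warning flag the function when a new algorithm is added to the enum. This assumes the `algo` field has the enum type visible in got_hash_cmp()'s signature, which this hunk does not show. The same shape would fit the other four functions touched by the patch, and the function's opening lines are outside the hunk.

```c
	id->algo = hash->algo;
	switch (hash->algo) {
	case GOT_HASH_SHA1:
		SHA1Final(id->hash, &hash->sha1_ctx);
		return;
	case GOT_HASH_SHA256:
		SHA256Final(id->hash, &hash->sha256_ctx);
		return;
	}
	/* no default above, so a new enumerator triggers a compiler warning */
	abort();
```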
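Review bot: In got_hash_cmp() the trailing `return -1;` is now dead code, since every path above it either returns a memcmp() result or calls abort(). Left unmarked, it reads as if -1 were an error value callers should handle, although a negative memcmp() result already means "b1 sorts before b2". Either drop the line or mark it as `return -1; /* NOTREACHED */`. If it is kept only to silence a compiler that does not treat abort() as non-returning, the comment should say so. The function's first lines are outside the hunk.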