diff options
author | MÃ¥rten Nordheim <marten.nordheim@qt.io> | 2023-03-08 11:10:49 +0100 |
---|---|---|
committer | Marc Mutz <marc.mutz@qt.io> | 2023-03-10 14:39:37 +0000 |
commit | fa4b7495b741c3e7943860c5ff15212afceda710 (patch) | |
tree | 0ccf1097ab03488c29e80e0563cb259a9dafa948 /tests | |
parent | 4f02973e2f447dfc92234ec247d7157ea0e1e807 (diff) |
Fix overflow in SHA-3/Keccak
state->rate is always larger than or equal to state->bitsInQueue;
when bitsInQueue == rate the queue is consumed and bitsInQueue is set to
0 again.
Done-with: Marc Mutz <marc.mutz@qt.io>
Pick-to: 6.5.0 6.5 6.4.3 6.4 6.2 5.15
Change-Id: I56d268a19fb3cd542cc027edc962253f09d97a14
Reviewed-by: Marc Mutz <marc.mutz@qt.io>
Reviewed-by: Volker Hilsheimer <volker.hilsheimer@qt.io>
Diffstat (limited to 'tests')
-rw-r--r-- | tests/auto/corelib/tools/qcryptographichash/tst_qcryptographichash.cpp | 29 |
1 files changed, 29 insertions, 0 deletions
diff --git a/tests/auto/corelib/tools/qcryptographichash/tst_qcryptographichash.cpp b/tests/auto/corelib/tools/qcryptographichash/tst_qcryptographichash.cpp index 91fdef354f..2a0fd1a7c1 100644 --- a/tests/auto/corelib/tools/qcryptographichash/tst_qcryptographichash.cpp +++ b/tests/auto/corelib/tools/qcryptographichash/tst_qcryptographichash.cpp @@ -36,6 +36,7 @@ private slots: // keep last void moreThan4GiBOfData_data(); void moreThan4GiBOfData(); + void keccakBufferOverflow(); private: void ensureLargeData(); std::vector<char> large; @@ -534,5 +535,33 @@ void tst_QCryptographicHash::moreThan4GiBOfData() QCOMPARE(single, chunked); } +void tst_QCryptographicHash::keccakBufferOverflow() +{ +#if QT_POINTER_SIZE == 4 + QSKIP("This is a 64-bit-only test"); +#else + + if (ensureLargeData(); large.empty()) + return; + + QElapsedTimer timer; + timer.start(); + const auto sg = qScopeGuard([&] { + qDebug() << "test finished in" << timer.restart() << "ms"; + }); + + constexpr qsizetype magic = INT_MAX/4; + QCOMPARE_GE(large.size(), size_t(magic + 1)); + + QCryptographicHash hash(QCryptographicHash::Algorithm::Keccak_224); + const auto first = QByteArrayView{large}.first(1); + const auto second = QByteArrayView{large}.sliced(1, magic); + hash.addData(first); + hash.addData(second); + (void)hash.resultView(); + QVERIFY(true); // didn't crash +#endif +} + QTEST_MAIN(tst_QCryptographicHash) #include "tst_qcryptographichash.moc" |