[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Bug#866890: pspp - cve-2017-10791 - cve-2017-10792

On Mon, Jul 03, 2017 at 11:37:30PM +0200, Friedrich Beckmann wrote:
     Hi John,
     today I looked a little bit at the hash function. I think the problem is that compared to
     the referenced code the x parameter is type int instead of unsigned int. Googling around the
     overflow behavior of signed and the shift right of signed is not defined in the c standard
     although ???many?" implementations assume 2th complement signed implementation. Both is well
     defined for unsigned int operations.
Ahh.  Perhaps you're right.  But I cannot see that this would cause a crash, so I suspect that's
another problem.

     I changed the parameter type from int to unsigned int and I cannot see a problem in the regression.

What problems did you encounter before your change (if any)?

     But looking at the code I wondered if this hash function also works on 64 Bit architectures. The
     reference only talks about uint32_t.

I cannot see that it wouldn't "work".  But it might not create such an efficient hash.

Anyway maybe Ben will be able to have a look soon.

Avoid eavesdropping.  Send strong encrypted email.
PGP Public key ID: 1024D/2DE827B3 
fingerprint = 8797 A26D 0854 2EAB 0285  A290 8A67 719C 2DE8 27B3
See http://sks-keyservers.net or any PGP keyserver for public key.

Attachment: signature.asc
Description: Digital signature

Reply to: