apt sig 10

Just FYI, this isn't showing up yet in the bug entry but this
is the problem and the included patch fixes it.
The problem is how sha1.cc codes the SHA1 transform: it illegally
casts the on-stack workspace buffer to a type requiring more
alignment than 'workspace' is actually declared to have.

This only shows up recently because gcc-4.6 now does a really
aggressive optimization where it gets rid of the workspace
buffer entirely and just accesses 'buffer' directly, and assumes
it has the necessary alignment for 32-bit loads (which it

This patch fixes the bug:

--- apt-pkg/contrib/sha1.cc~	2011-06-17 03:10:20.000000000 -0700
+++ apt-pkg/contrib/sha1.cc	2011-07-25 15:16:26.774548017 -0700
@@ -74,10 +74,9 @@ static void SHA1Transform(uint32_t state
       uint32_t l[16];
-   CHAR64LONG16 *block;
+   CHAR64LONG16 workspace, *block;
-   uint8_t workspace[64];
-   block = (CHAR64LONG16 *)workspace;
+   block = &workspace;
    /* Copy context->state[] to working vars */
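Review bot: the new 'CHAR64LONG16 workspace, *block;' line carries the alignment requirement only implicitly, so a short comment there saying that the workspace must have the union's type for the 32-bit loads through 'block' to be aligned would keep someone from turning it back into a byte array later. Declaring the object and the pointer on separate lines would also read more clearly. The hunk does not show the code that fills the workspace from the input buffer, so please confirm that the copy still uses the right size now that 'workspace' is no longer 'uint8_t workspace[64]'.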

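The alignment difference behind the patch, as an added example that is not code from apt or from the message above. The CHAR64LONG16 definition is an assumption (the page names the type but does not show it), and the helper names and the sample block are constructed for illustration.

```c
#include <stdalign.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Assumed definition: the page uses CHAR64LONG16 but does not show it. */
typedef union {
    uint8_t  c[64];
    uint32_t l[16];
} CHAR64LONG16;

/* Alignment the compiler may assume for each way of declaring the workspace. */
size_t byte_workspace_align(void)  { return alignof(uint8_t[64]); }
size_t union_workspace_align(void) { return alignof(CHAR64LONG16); }

/* True when p may legally be dereferenced as a uint32_t. */
int aligned_for_u32(const void *p)
{
    return (uintptr_t)p % alignof(uint32_t) == 0;
}

/* Patched pattern: copy the caller's bytes into a workspace whose declared
 * type already carries 32-bit alignment, then read words through the union. */
uint32_t word_via_union(const uint8_t *buffer, size_t i)
{
    CHAR64LONG16 workspace;
    memcpy(&workspace, buffer, sizeof workspace);
    return workspace.l[i];
}

/* Constructed input: a 64-byte block placed at an odd address.
 * Returns 1 when the block is misaligned for uint32_t and every word read
 * through the union equals a byte-wise memcpy of the same four bytes. */
int check_unaligned_block(void)
{
    static alignas(uint32_t) uint8_t raw[65];
    const uint8_t *buffer = raw + 1;
    for (size_t i = 0; i < 64; i++) raw[i + 1] = (uint8_t)(i * 7 + 3);
    if (aligned_for_u32(buffer)) return 0;
    for (size_t i = 0; i < 16; i++) {
        uint32_t ref;
        memcpy(&ref, buffer + 4 * i, sizeof ref);
        if (word_via_union(buffer, i) != ref) return 0;
    }
    return 1;
}

int main(void)
{
    printf("uint8_t[64] align=%zu, CHAR64LONG16 align=%zu, ok=%d\n",
           byte_workspace_align(), union_workspace_align(), check_unaligned_block());
    return 0;
}
```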
