Commit 4f16961052694b946acf80e1bbf10a51994a353a
1 parent
b3ab5cd2
In MD5_native::transform disable sanitizer unsigned integer overflow checks
Wrap-around is intentional and generates false positives
Showing
1 changed file
with
5 additions
and
0 deletions
libqpdf/MD5_native.cc
| @@ -193,7 +193,12 @@ MD5_native::digest(Digest result) | @@ -193,7 +193,12 @@ MD5_native::digest(Digest result) | ||
| 193 | } | 193 | } |
| 194 | 194 | ||
| 195 | // MD5 basic transformation. Transforms state based on block. | 195 | // MD5 basic transformation. Transforms state based on block. |
| 196 | +// | ||
| 197 | +// NB The algorithm intentionally relies on unsigned integer wrap-around | ||
| 196 | void MD5_native::transform(uint32_t state[4], unsigned char block[64]) | 198 | void MD5_native::transform(uint32_t state[4], unsigned char block[64]) |
| 199 | +#if defined(__clang__) | ||
| 200 | +__attribute__((no_sanitize("unsigned-integer-overflow"))) | ||
| 201 | +#endif | ||
| 197 | { | 202 | { |
| 198 | uint32_t a = state[0], b = state[1], c = state[2], d = state[3], x[16]; | 203 | uint32_t a = state[0], b = state[1], c = state[2], d = state[3], x[16]; |
| 199 | 204 |