The fact that this always reads 16 bytes from the input byte stream
for the key data is still a bit on the suspicious side, but at least
it won't crash UBSAN anymore.
Because MD5 stored a "Bytes {}" wrapper to its internal data buffer,
it was not actually movable. However, its use in several parts of
the system (such as HashManager) assumed it was, leading to crashes.
Fixes #8135
Previously ByteBuffer::grow() behaved like Vector<T>::resize().
However the function name was somewhat ambiguous - and so this patch
updates ByteBuffer to behave more like Vector<T> by replacing grow()
with resize() and adding an ensure_capacity() method.
This also lets the user change the buffer's capacity without affecting
the size which was not previously possible.
Additionally this patch makes the capacity() method public (again).
This only affects malformed RSA keys. Instead of accepting and
continuing with potentially broken pointers (and in ASAN, crashing), we
now consider bitmaps malformed, and stop parsing.
Found by OSS Fuzz: #31698, long-standing-bug:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31698
Fun fact: The "if" only exists because of OSS Fuzz.
8cc279ed74
Problem:
- Static variables take memory and can be subject to less optimization
(https://serenityos.godbolt.org/z/7EYebr1aa)
- This static variable is only used in 1 place.
Solution:
- Move the variable into the function and make it non-static.
Problem:
- Clang ToT reports an error because `digest_size` cannot be evaluated
at compile-time.
Solution:
- Change from using the member function to the `static` shadow of the
NTTP.
This adds an `AK::ByteReader` to help with that so we don't duplicate
the logic all over the place.
No more `*(const u16*)` and `*(const u32*)` for anyone.
This should help a little with #7060.
We never really needed the 512 words in the first place, and this does
reduce the stack allocations in montgomery modular power from 32Kb to
a more manageable 2Kb :^)
Note that the 32 words size doesn't provide any performance benefits or
drawbacks compared to other values. All values seem to have equivalent
performances (the tested values were 1, 2, 4, ..., 512). But since the
previous value of 512 was definitely too big, let's reduce it for now!
This algorithm allows for much faster computations of modular powers
(around a 5x-10x speedup of the Crypto test). However, it is only valid
for odd modulo values, and therefore the old algorithm must be kept for
computations involving even modulo values.
Since the operations are already complicated and will become even more
so soon, let's split them into their own files. We can also integrate
the NumberTheory operations that would better fit there into this class
as well.
This commit doesn't change behaviors, but moves the allocation of some
variables into caller classes.
This is working fine for TLS because we have a big enough inline
capacity, but in theory we could have crashed at any time even with
our 512 words of inline capacity.
We had some inconsistencies before:
- Sometimes "The", sometimes "the"
- Sometimes trailing ".", sometimes no trailing "."
I picked the most common one (lowercase "the", trailing ".") and applied
it to all copyright headers.
By using the exact same string everywhere we can ensure nothing gets
missed during a global search (and replace), and that these
inconsistencies are not spread any further (as copyright headers are
commonly copied to new files).
SPDX License Identifiers are a more compact / standardized
way of representing file license information.
See: https://spdx.dev/resources/use/#identifiers
This was done with the `ambr` search and replace tool.
ambr --no-parent-ignore --key-from-file --rep-from-file key.txt rep.txt *
Problem:
- `constexpr` functions are additionally decorated with `inline`
keyword. This is redundant since `constexpr` implies `inline`.
Solution:
- Remove redundancies.