andOTP format: Avoid NULL+0 UB

See #5476
openwall · May 17, 2024 · 5c936f3 · 5c936f3
1 parent 08e2241
commit 5c936f3
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 1 deletion.
diff --git a/src/aes_gcm_plug.c b/src/aes_gcm_plug.c
@@ -293,6 +293,7 @@ static void aes_gcm_ghash(const uint8_t *H, const uint8_t *aad, size_t aad_len,
 }
 
 
+#if 0
 /**
  * aes_gcm_ae - GCM-AE_K(IV, P, A)
  */
@@ -324,6 +325,7 @@ int aes_gcm_ae(const uint8_t *key, size_t key_len, const uint8_t *iv, size_t iv_
 
 	return 0;
 }
+#endif
 
 
 /**
@@ -361,12 +363,14 @@ int aes_gcm_ad(const uint8_t *key, size_t key_len, const uint8_t *iv, size_t iv_
 }
 
 
+#if 0
 int aes_gmac(const uint8_t *key, size_t key_len, const uint8_t *iv, size_t iv_len,
 	     const uint8_t *aad, size_t aad_len, uint8_t *tag)
 {
 	return aes_gcm_ae(key, key_len, iv, iv_len, NULL, 0, aad, aad_len, NULL,
 			  tag);
 }
+#endif
 
 
 #ifdef TEST

diff --git a/src/andotp_fmt_plug.c b/src/andotp_fmt_plug.c
@@ -167,7 +167,8 @@ static int check_password(int index, struct custom_salt *cs)
 	SHA256_Update(&ctx, saved_key[index], saved_len[index]);
 	SHA256_Final(key, &ctx);
 
-	ret = aes_gcm_ad(key, 32, cs->iv, IVLEN, cs->ciphertext, cs->ctlen, NULL, 0, cur_salt->tag, NULL, 1);
+	void *empty = &empty; /* Could be NULL, but we'd end up with NULL+0, which is UB */
+	ret = aes_gcm_ad(key, 32, cs->iv, IVLEN, cs->ciphertext, cs->ctlen, empty, 0, cur_salt->tag, empty, 1);
 
 	if (!ret)
 		return 1;