milksad
/
rust-bitcoin-unsafe-fast
14
0
Fork 0
Code Issues Pull Requests Activity

[hashes] Disable fixed-time equality cmp when building for fuzzers 

Fuzzers want to break memcmp calls into separate comparisons for
coverage monitoring, allowing them to not-quite-brute-force find
inputs that fully match. Thus, we disable our fancy fixed-time
comparison when built with the `hashes_fuzz` cfg.
This commit is contained in:
Matt Corallo 2025-03-26 18:45:13 +00:00
parent 158240c3c9
commit 7ac7273013
1 changed files with 38 additions and 29 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
hashes/src/cmp.rs
View File

@ -15,6 +15,14 @@
/// As of rust 1.31.0 disassembly looks completely within reason for this, see
/// <https://godbolt.org/z/mMbGQv>.
pub fn fixed_time_eq(a: &[u8], b: &[u8]) -> bool {
#[cfg(hashes_fuzz)]
{
// Fuzzers want to break memcmp calls into separate comparisons for coverage monitoring,
// so we avoid our fancy fixed-time comparison below for fuzzers.
a == b
}
#[cfg(not(hashes_fuzz))]
{
assert!(a.len() == b.len());
let count = a.len();
let lhs = &a[..count];
@ -51,6 +59,7 @@ pub fn fixed_time_eq(a: &[u8], b: &[u8]) -> bool {
}
unsafe { (::core::ptr::read_volatile(&r) & 1) == 0 }
}
}
#[cfg(test)]
mod tests {