[release-branch.go1.20] crypto/subtle: don't cast to *uintptr when word size is 0

randall77 · gopherbot · commit dcc9bdf38037 · 2023-04-05T16:51:32.000Z
Casting to a *uintptr is not ok if there isn't at least 8 bytes of data backing that pointer (on 64-bit archs). So although we end up making a slice of 0 length with that pointer, the cast itself doesn't know that. Instead, bail early if the result is going to be 0 length. Fixes #59336 Change-Id: Id3c0e09d341d838835c0382cccfb0f71dc3dc7e6 Reviewed-on: https://go-review.googlesource.com/c/go/+/480575 Run-TryBot: Keith Randall <khr@golang.org> Reviewed-by: Cherry Mui <cherryyz@google.com> Reviewed-by: Matthew Dempsky <mdempsky@google.com> Reviewed-by: Emmanuel Odeke <emmanuel@orijtech.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Bryan Mills <bcmills@google.com> (cherry picked from commit 297cf6dd31bd99fc4ccda320aa3d4faf290ab278) Reviewed-on: https://go-review.googlesource.com/c/go/+/481238 Reviewed-by: Keith Randall <khr@google.com> Auto-Submit: Michael Knyszek <mknyszek@google.com> Run-TryBot: Michael Knyszek <mknyszek@google.com>
diff --git a/src/crypto/subtle/xor_generic.go b/src/crypto/subtle/xor_generic.go
@@ -46,7 +46,13 @@ func aligned(dst, x, y *byte) bool {
 // words returns a []uintptr pointing at the same data as x,
 // with any trailing partial word removed.
 func words(x []byte) []uintptr {
-	return unsafe.Slice((*uintptr)(unsafe.Pointer(&x[0])), uintptr(len(x))/wordSize)
+	n := uintptr(len(x)) / wordSize
+	if n == 0 {
+		// Avoid creating a *uintptr that refers to data smaller than a uintptr;
+		// see issue 59334.
+		return nil
+	}
+	return unsafe.Slice((*uintptr)(unsafe.Pointer(&x[0])), n)
 }
 
 func xorLoop[T byte | uintptr](dst, x, y []T) {
diff --git a/test/fixedbugs/issue59334.go b/test/fixedbugs/issue59334.go
@@ -0,0 +1,18 @@
+// run -tags=purego -gcflags=all=-d=checkptr
+
+// Copyright 2023 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package main
+
+import "crypto/subtle"
+
+func main() {
+	dst := make([]byte, 5)
+	src := make([]byte, 5)
+	for _, n := range []int{1024, 2048} { // just to make the size non-constant
+		b := make([]byte, n)
+		subtle.XORBytes(dst, src, b[n-5:])
+	}
+}
