Merge branch 'iotssl-1419-safermemcmp-volatile_backport-1.3' into mbedtls-1.3-restricted
diff --git a/ChangeLog b/ChangeLog
index 5758c7b..55e4e7f 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -10,6 +10,7 @@
data is all zeros.
* Fix unsafe bounds check in ssl_parse_client_psk_identity() when adding
64kB to the address of the SSL buffer wraps around.
+ * Tighten should-be-constant-time memcmp against compiler optimizations.
Bugfix
* Fix memory leak in ssl_set_hostname() when called multiple times.
diff --git a/include/polarssl/ssl.h b/include/polarssl/ssl.h
index 9a3fb8a..6e43f94 100644
--- a/include/polarssl/ssl.h
+++ b/include/polarssl/ssl.h
@@ -2061,9 +2061,9 @@
static inline int safer_memcmp( const void *a, const void *b, size_t n )
{
size_t i;
- const unsigned char *A = (const unsigned char *) a;
- const unsigned char *B = (const unsigned char *) b;
- unsigned char diff = 0;
+ volatile const unsigned char *A = (volatile const unsigned char *) a;
+ volatile const unsigned char *B = (volatile const unsigned char *) b;
+ volatile unsigned char diff = 0;
for( i = 0; i < n; i++ )
diff |= A[i] ^ B[i];
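Review bot: In the loop at the end of the hunk, `diff |= A[i] ^ B[i];` now performs two volatile reads inside one expression, and C leaves their relative order unspecified, which some compilers diagnose. Reading each byte into a local first keeps the accesses ordered: a braced loop body with `unsigned char x = A[i], y = B[i];` followed by `diff |= x ^ y;`. The new qualifiers also deserve a comment above the declarations so a later cleanup does not drop them, e.g. `/* volatile: keep the compiler from turning this into an early-exit compare whose timing depends on where the buffers differ */`. volatile discourages that optimisation but is not a constant-time guarantee, so the generated code is still worth checking on the supported toolchains. The body of safer_memcmp continues past the end of the hunk.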