Closed
Bug 95990
Opened 23 years ago
Closed 23 years ago
rijndael.c: encrypt/decrypt use c2 and c3 without ever initializing.
Categories
(NSS :: Libraries, defect, P1)
Tracking
(Not tracked)
RESOLVED
WONTFIX
3.4
People
(Reporter: mozilla-bugs, Assigned: bugz)
References
Details
Functions rijndael_encryptBlock and rijndael_decryptBlock both declare unsigned int c2, c3; and then proceed to use those without even assigning anything to this variables!
Assignee | ||
Comment 2•23 years ago
|
||
The two functions in question are not used, as the comment block above them notes. They are generic blocksize Rijndael encrypt/decrypt functions, and at this time only 128-bit blocksizes have been adopted in any standard drafts. The 128-bit blocksize routines are rijndael_encrypt128 and rijndael_decrypt128; they are highly optimized. I think there are possibly other problems with the generic encrypt/decrypt functions. I have intended to clean them up whenever I either have the time, or NSS has the demand for > 128-bit AES. For now, a more stringent comment, and initializing to 0, should do. -Ian
Updated•23 years ago
|
Priority: -- → P1
Target Milestone: --- → 3.4
Comment 3•23 years ago
|
||
Can we just put the entire body of these unused functions inside of a big #if 0 ifdef? That will eliminate complaints and reduce library size until these functions are vetted.
Assignee | ||
Comment 4•23 years ago
|
||
I did that a long time ago. Because of that, I marking this WONTFIX. See 100770 for the real bug.
Status: NEW → RESOLVED
Closed: 23 years ago
Resolution: --- → WONTFIX
You need to log in
before you can comment on or make changes to this bug.
Description
•