Skip to content

Commit

Permalink
Merge bitcoin-core/secp256k1#1194: Ensure safety of ctz_debruijn impl…
Browse files Browse the repository at this point in the history
…ementation.

d6ff738 Ensure safety of ctz_debruijn implementation. (Russell O'Connor)

Pull request description:

  Adding `U` to the magic constants ensures that we are not mixing unsigned and signed value during multiplication, and ensures that the multiplication will not be subject to integer promotion.

  The `(uint32_t)`/`(uint64_t)` casts ensure the values are properly truncated no matter the size of an int.

  Prior to this commit, if `secp256k1_ctz32_var_debruijn` were some how managed to be built on a platform with 64-bit ints, (though this function is specifically only intended to be used on 32-bit platforms) it would perform an out-of-bounds array access.

ACKs for top commit:
  real-or-random:
    utACK d6ff738
  apoelstra:
    ACK d6ff738

Tree-SHA512: f2292fa6e03deff4598514f9070b1357ce307ce1d2b34c15da120198c2f9171dfae9e0aaddb99f2c577ec368a903337eb68281518e93e43c381c9875aa84144e
  • Loading branch information
real-or-random committed Jan 18, 2023
2 parents a01a7d8 + d6ff738 commit b1579cf
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions src/util.h
Original file line number Diff line number Diff line change
Expand Up @@ -251,7 +251,7 @@ static SECP256K1_INLINE int secp256k1_ctz32_var_debruijn(uint32_t x) {
0x10, 0x07, 0x0C, 0x1A, 0x1F, 0x17, 0x12, 0x05, 0x15, 0x09, 0x0F, 0x0B,
0x1E, 0x11, 0x08, 0x0E, 0x1D, 0x0D, 0x1C, 0x1B
};
return debruijn[((x & -x) * 0x04D7651F) >> 27];
return debruijn[(uint32_t)((x & -x) * 0x04D7651FU) >> 27];
}

/* Determine the number of trailing zero bits in a (non-zero) 64-bit x.
Expand All @@ -264,7 +264,7 @@ static SECP256K1_INLINE int secp256k1_ctz64_var_debruijn(uint64_t x) {
63, 52, 6, 26, 37, 40, 33, 47, 61, 45, 43, 21, 23, 58, 17, 10,
51, 25, 36, 32, 60, 20, 57, 16, 50, 31, 19, 15, 30, 14, 13, 12
};
return debruijn[((x & -x) * 0x022FDD63CC95386D) >> 58];
return debruijn[(uint64_t)((x & -x) * 0x022FDD63CC95386DU) >> 58];
}

/* Determine the number of trailing zero bits in a (non-zero) 32-bit x. */
Expand Down

0 comments on commit b1579cf

Please sign in to comment.