From 3499e054c5dbf611c74948d4c7f32d86f6520bbc Mon Sep 17 00:00:00 2001 From: div72 <60045611+div72@users.noreply.github.com> Date: Sat, 30 Jul 2022 02:44:07 +0300 Subject: [PATCH] misc: fix UB in CPID hashing --- src/gridcoin/cpid.h | 18 +++++++++++++----- src/test/gridcoin/cpid_tests.cpp | 15 --------------- 2 files changed, 13 insertions(+), 20 deletions(-) diff --git a/src/gridcoin/cpid.h b/src/gridcoin/cpid.h index b644abbd8c..c8b3df5417 100644 --- a/src/gridcoin/cpid.h +++ b/src/gridcoin/cpid.h @@ -454,9 +454,9 @@ namespace std { //! This enables the use of GRC::Cpid as a key in a std::unordered_map object. //! //! CONSENSUS: Don't use the hash produced by this routine (or by any std::hash -//! specialization) in protocol-specific implementations. It ignores endianness -//! and outputs a value with a chance of collision probably too great for usage -//! besides the intended local look-up functionality. +//! specialization) in protocol-specific implementations. It outputs a value +//! with a chance of collision probably too great for usage besides the intended +//! local look-up functionality. //! template<> struct hash @@ -473,8 +473,16 @@ struct hash // Just convert the CPID into a value that we can store in a size_t // object. CPIDs are already unique identifiers. // - return *reinterpret_cast(cpid.Raw().data()) - + *reinterpret_cast(cpid.Raw().data() + 8); + const auto& data = cpid.Raw(); + size_t ret = ((size_t)(data[0] & 255) | (size_t)(data[1] & 255) << 8 | + (size_t)(data[2] & 255) << 16 | (size_t)(data[3] & 255) << 24); + + if (sizeof(size_t) == 8) { + ret |= ((size_t)(data[4] & 255) << 32 | (size_t)(data[5] & 255) << 40 | + (size_t)(data[6] & 255) << 48 | (size_t)(data[7] & 255) << 56); + } + + return ret; } }; } diff --git a/src/test/gridcoin/cpid_tests.cpp b/src/test/gridcoin/cpid_tests.cpp index 6becf0cc51..22b095dd7c 100644 --- a/src/test/gridcoin/cpid_tests.cpp +++ b/src/test/gridcoin/cpid_tests.cpp @@ -239,21 +239,6 @@ BOOST_AUTO_TEST_CASE(it_deserializes_from_a_stream) BOOST_CHECK(bytes == expected); } -BOOST_AUTO_TEST_CASE(it_is_hashable_to_key_a_lookup_map) -{ - GRC::Cpid cpid(std::vector { - 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, - 0x08, 0x09, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, - }); - - std::hash hasher; - - // CPID halves, little endian - const size_t expected = static_cast(0x0706050403020100ull + 0x1514131211100908ull); - - BOOST_CHECK_EQUAL(hasher(cpid), expected); -} - BOOST_AUTO_TEST_SUITE_END() // -----------------------------------------------------------------------------