argon2: Avoid cppcheck integer oveflow warning

This patch avoid warning in constant-time base64 function: Error: CPPCHECK_WARNING (CWE-190): [#def2] cryptsetup-main/lib/crypto_backend/argon2/encoding.c:86: error[integerOverflow]: Signed integer overflow for expression ''0'-52'. The (x + ('0' - 52)) can be rewritten to (x - (52 - '0')) with the same effect. Similar solution used in https://github.com/pornin/CTTK/blob/master/src/base64.c
2025-12-05 16:00:05 +01:00 · 2024-11-06 09:39:50 +01:00
parent 3c5aa4ef59
commit 46289f92ff
1 changed files with 1 additions and 1 deletions
--- a/lib/crypto_backend/argon2/encoding.c
+++ b/lib/crypto_backend/argon2/encoding.c
@@ -83,7 +83,7 @@
 static int b64_byte_to_char(unsigned x) {
    return (LT(x, 26) & (x + 'A')) |
           (GE(x, 26) & LT(x, 52) & (x + ('a' - 26))) |
-           (GE(x, 52) & LT(x, 62) & (x + ('0' - 52))) | (EQ(x, 62) & '+') |
+           (GE(x, 52) & LT(x, 62) & (x - (52 - '0'))) | (EQ(x, 62) & '+') |
           (EQ(x, 63) & '/');
 }