On Sun, 2018-02-18 at 22:30 +0100, Niels Möller wrote:
nisse@lysator.liu.se (Niels Möller) writes:
For now, I think I'll fix this, and add a TMP_ALIGN_DECL, TMP_ALIGN_ALLOC.
Below patch seems to work. Other options?
Regards, /Niels
diff --git a/nettle-internal.h b/nettle-internal.h index 38c8d2a8..b109e944 100644 --- a/nettle-internal.h +++ b/nettle-internal.h @@ -35,20 +35,41 @@ #ifndef NETTLE_INTERNAL_H_INCLUDED #define NETTLE_INTERNAL_H_INCLUDED
+#include <assert.h>
#include "nettle-meta.h"
+/* For definition of NETTLE_MAX_HASH_CONTEXT_SIZE. */ +#include "sha3.h"
/* Temporary allocation, for systems that don't support alloca. Note
- that the allocation requests should always be reasonably small,
so
- that they can fit on the stack. For non-alloca systems, we use a
- fix maximum size, and abort if we ever need anything larger. */
- fix maximum size + an assert.
- TMP_DECL and TMP_ALLOC allocate an array of the given type, and
- take the array size (not byte size) as argument.
- TMP_DECL_ALIGN and TMP_ALLOC_ALIGN are intended for context
- structs, with void * pointer, size in bytes, and alignment
- requirements. On systems without alloca, implemented as an array
of
- uint64_t, to ensure alignment. Since it is used as void *
argument,
- no type casts are needed.
- */
#define ALIGN16(x) \ ((void *)(((ptrdiff_t)(x)+(ptrdiff_t)0x0f)&~((ptrdiff_t)0x0f)))
#if HAVE_ALLOCA # define TMP_DECL(name, type, max) type *name # define TMP_ALLOC(name, size) (name = alloca(sizeof (*name) * (size))) +# define TMP_DECL_ALIGN(name, max) void *name +# define TMP_ALLOC_ALIGN(name, size) (name = alloca(size))
What about this macros (untested, just idea demo):
#if defined(HAVE_ALLOCA) # define TMP_DECL_ALLOC(name, type, max, size) type *name = alloca(sizeof (*name) * (size))) #else if __STDC_VERSION__ >= 199901L # define TMP_DECL_ALLOC(name, type, max, size) \ type _tmp##name[size+16]; \ type *name = ALIGN16(_tmp##name) #else /* fallback for pre-C99 and pre-alloca() times # define TMP_DECL_ALLOC(name, type, max, size) \ type _tmp##name[max+16]; \ type *name = ALIGN16(_tmp##name); \ assert(size <= max) #endif
A more simplified version would be by eliminating the need to calculate max, and this removing support for compilers which don't have alloca() or C99 support (not sure if there are any of these).
regards, Nikos