From 6b1826a52681c6874e9399fd89fefd491b455642 Mon Sep 17 00:00:00 2001 From: tb Date: Sun, 29 Mar 2026 06:31:07 +0000 Subject: [PATCH] ML-KEM: ensure that key_768 is only dereferenced with 768-bit keys This looks like a NULL dereference that should crash, but for some reason it doesn't, even with -O0 with all compilers i tried. At the very least it may result in compilers deducing that key_768 != NULL and lead to incorrect optimizations. ok claudio jsing kenjiro miod --- lib/libcrypto/mlkem/mlkem_internal.c | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/lib/libcrypto/mlkem/mlkem_internal.c b/lib/libcrypto/mlkem/mlkem_internal.c index dec841312e5..12b1c3e2357 100644 --- a/lib/libcrypto/mlkem/mlkem_internal.c +++ b/lib/libcrypto/mlkem/mlkem_internal.c @@ -1,4 +1,4 @@ -/* $OpenBSD: mlkem_internal.c,v 1.7 2026/03/06 09:22:29 kenjiro Exp $ */ +/* $OpenBSD: mlkem_internal.c,v 1.8 2026/03/29 06:31:07 tb Exp $ */ /* * Copyright (c) 2024, Google Inc. * Copyright (c) 2024, 2025 Bob Beck @@ -828,11 +828,13 @@ public_key_from_external(const MLKEM_public_key *external, struct public_key *pub) { size_t vector_size = external->rank * sizeof(scalar); - uint8_t *bytes = external->key_768->bytes; size_t offset = 0; + uint8_t *bytes; if (external->rank == MLKEM1024_RANK) bytes = external->key_1024->bytes; + else + bytes = external->key_768->bytes; pub->t = (struct scalar *)bytes + offset; offset += vector_size; @@ -856,10 +858,12 @@ private_key_from_external(const MLKEM_private_key *external, { size_t vector_size = external->rank * sizeof(scalar); size_t offset = 0; - uint8_t *bytes = external->key_768->bytes; + uint8_t *bytes; if (external->rank == MLKEM1024_RANK) bytes = external->key_1024->bytes; + else + bytes = external->key_768->bytes; priv->pub.t = (struct scalar *)(bytes + offset); offset += vector_size;