[PATCH v1 1/2] lib: sm3: fix coverity error

Tue Jan 6 15:14:04 CET 2026

Coverity scan reported:

CID 449815:         Memory - illegal accesses  (OVERRUN)
Overrunning array of 64 bytes at byte offset 64 by dereferencing pointer
"sctx->buffer + partial". [Note: The source code implementation of the
function has been overridden by a builtin model.]

In line: 252
   memset(sctx->buffer + partial, 0, SM3_BLOCK_SIZE - partial);

The respective line should be:

memset(sctx->buffer + partial, 0, SM3_BLOCK_SIZE - partial - 1);

as partial gets incremented by one before.

Signed-off-by: Heiko Schocher <hs at nabladev.com>
---

 lib/sm3.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/sm3.c b/lib/sm3.c
index 2a4e825481d..05880099703 100644
--- a/lib/sm3.c
+++ b/lib/sm3.c
@@ -249,7 +249,7 @@ void sm3_final(struct sm3_context *sctx, uint8_t output[SM3_DIGEST_SIZE])
 
 	sctx->buffer[partial++] = 0x80;
 	if (partial > bit_offset) {
-		memset(sctx->buffer + partial, 0, SM3_BLOCK_SIZE - partial);
+		memset(sctx->buffer + partial, 0, SM3_BLOCK_SIZE - partial - 1);
 		partial = 0;
 
 		sm3_block(sctx, sctx->buffer, 1, W);
-- 
2.20.1

