From 97444f0a25b2cb36a11493ab0e3ecdd38e610727 Mon Sep 17 00:00:00 2001
From: Andrew Kaster <akaster@serenityos.org>
Date: Sun, 27 Jun 2021 23:38:48 -0600
Subject: [PATCH] LibCrypto: Avoid unaligned reads in GHash constructor

The fact that this always reads 16 bytes from the input byte stream
for the key data is still a bit on the suspicious side, but at least
it won't crash UBSAN anymore.
---
 Userland/Libraries/LibCrypto/Authentication/GHash.h | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/Userland/Libraries/LibCrypto/Authentication/GHash.h b/Userland/Libraries/LibCrypto/Authentication/GHash.h
index 2101912da3..82a9dc573b 100644
--- a/Userland/Libraries/LibCrypto/Authentication/GHash.h
+++ b/Userland/Libraries/LibCrypto/Authentication/GHash.h
@@ -6,6 +6,7 @@
 
 #pragma once
 
+#include <AK/ByteReader.h>
 #include <AK/String.h>
 #include <AK/Types.h>
 #include <LibCrypto/Hash/HashFunction.h>
@@ -35,8 +36,10 @@ public:
 
     explicit GHash(const ReadonlyBytes& key)
     {
-        for (size_t i = 0; i < 16; i += 4)
-            m_key[i / 4] = AK::convert_between_host_and_big_endian(*(const u32*)(key.offset(i)));
+        VERIFY(key.size() >= 16);
+        for (size_t i = 0; i < 16; i += 4) {
+            m_key[i / 4] = AK::convert_between_host_and_big_endian(ByteReader::load32(key.offset(i)));
+        }
     }
 
     constexpr static size_t digest_size() { return TagType::Size; }