fix: potential alignment issues on take

Author: luau-project

.github/workflows/ci.yml

@@ -11,7 +11,7 @@ on:
       - "docs/**"
 
 env:
-  ROCKSPEC_VERSION: 0.0.2
+  ROCKSPEC_VERSION: 0.0.3
   DEV_ROCKSPEC: lua-cryptorandom-dev-1.rockspec
 
 jobs:

README.md

@@ -14,20 +14,11 @@
 > 
 > ```lua-cryptorandom``` is implemented in C, and also compiles as C++.
 
-## Use cases
-
-Many security operations rely on high-quality randomization services to avoid reproducibility and remain resistant to reverse engineering:
-
-* randomized password generation;
-* nonces (numbers used once) generation;
-* initialization vectors;
-* salts in passwords before hashing;
-* tokenization (*token generation*) to represent sensitive data;
-* secure random sampling in statistical analysis.
-
 ## Table of Contents
 
 * [Installation](#installation)
+* [Usage](#usage)
+* [Use cases](#use-cases)
 * [Methods](#methods)
     * [bytes](#bytes)
     * [integer](#integer)
@@ -66,6 +57,69 @@ Assuming that [LuaRocks](https://luarocks.org) is properly installed and configu
 luarocks install lua-cryptorandom
 ```
 
+## Usage
+
+* How to generate random bytes
+
+    ```lua
+    local random = require("lua-cryptorandom")
+
+    -- number of bytes to generate
+    local n = 10
+
+    local bytes, err = random.bytes(n)
+
+    if (bytes == nil) then
+        print("error code: ", err)
+    else
+        assert(n == #bytes, "Unexpected number of bytes")
+
+        -- print each byte
+        for i, b in ipairs(bytes) do
+            print(i, ("0x%02X"):format(b))
+        end
+    end
+    ```
+
+* How to generate a random integer
+
+    ```lua
+    local random = require("lua-cryptorandom")
+
+    local take, err = random.take()
+
+    if (take == nil) then
+        print("error code: ", err)
+    else
+        print("take: ", take)
+    end
+    ```
+
+* How to generate a random float number
+
+    ```lua
+    local random = require("lua-cryptorandom")
+
+    local number, err = random.number()
+
+    if (number == nil) then
+        print("error code: ", err)
+    else
+        print("number: ", number)
+    end
+    ```
+
+## Use cases
+
+Many security operations rely on high-quality randomization services to avoid reproducibility and remain resistant to reverse engineering:
+
+* randomized password generation;
+* nonces (numbers used once) generation;
+* initialization vectors;
+* salts in passwords before hashing;
+* tokenization (*token generation*) to represent sensitive data;
+* secure random sampling in statistical analysis.
+
 ## Methods
 
 > [!IMPORTANT]
@@ -176,10 +230,13 @@ luarocks install lua-cryptorandom
 > 
 > This section mostly applies to users running a customized build of Lua.
 
-* The error code (second return value) on each method might deliver a value different than the one returned by the underlying library. This condition might happen when the Lua type ```lua_Integer``` is shorter than an ```unsigned long``` in size. Even though it can be achieved on personalized builds of Lua (e.g.: Lua compiled as ANSI C on some platforms), the usual build of Lua should be safe for most users and platforms.
+* The error code (second return value) on each method might deliver a value different than the one returned by the underlying library. This condition might happen when the Lua type ```lua_Integer``` is shorter than an ```unsigned long``` in size. Even though it can be achieved on personalized builds of Lua (e.g.: Lua compiled as C89 on some platforms), the usual build of Lua should be safe for most users and platforms.
 
 ## Change log
 
+* v0.0.3:
+    * Using unions on [take](#take) to avoid alignment issues;
+    * Added the [Usage](#usage) section on README.
 * v0.0.2: Prevent the generation of ```NaN``` and positive/negative infinity values in the function [number](#number).
 * v0.0.1: Initial release.
 

rockspecs/lua-cryptorandom-0.0.3-1.rockspec

@@ -0,0 +1,105 @@
+package = "lua-cryptorandom"
+version = "0.0.3-1"
+
+source = {
+   url = "git+https://github.com/luau-project/lua-cryptorandom",
+   tag = "v0.0.3"
+}
+
+description = {
+   homepage = "https://github.com/luau-project/lua-cryptorandom",
+   summary = [[Generate cryptographically secure pseudo random numbers for Lua]],
+   detailed = [=[
+lua-cryptorandom is a lightweight, native library for Lua aimed to generate cryptographically secure pseudo random numbers, using trusted sources of randomness provided by the operating system.
+
+Visit the repository for more information.]=],
+   license = "MIT"
+}
+
+dependencies = {
+    "lua >= 5.1"
+}
+
+local function external_dependencies_plat()
+    return {
+        ["CRYPTO"] = {
+            header = "openssl/rand.h"
+        }
+    }
+end
+
+external_dependencies = {
+    platforms = {
+        linux = external_dependencies_plat(),
+        freebsd = external_dependencies_plat(),
+        openbsd = external_dependencies_plat(),
+        netbsd = external_dependencies_plat(),
+        dragonfly = external_dependencies_plat()
+    }
+}
+
+local function build_plat(plat)
+    if (plat == "macosx" or plat == "macos") then
+        return {
+            type = "make",
+            makefile = "Makefile.macosx",
+            build_variables = {                                                                               
+                CFLAGS = "$(CFLAGS)",                                                                         
+                LIBFLAG = "$(LIBFLAG)",
+                CFLAGS_EXTRA = "-DLUA_CRYPTORANDOM_BUILD_SHARED -DLUA_CRYPTORANDOM_USE_APPLE",
+                LIBFLAG_EXTRA = "-framework Security",
+                LUA_INCDIR = "$(LUA_INCDIR)",
+                OBJ_EXTENSION = "$(OBJ_EXTENSION)",
+                LIB_EXTENSION = "$(LIB_EXTENSION)"
+            },
+            install_variables = {
+                INSTALL_PREFIX = "$(PREFIX)",
+                INSTALL_LIBDIR = "$(LIBDIR)",
+                LUA_VERSION = "$(LUA_VERSION)",
+                LIB_EXTENSION = "$(LIB_EXTENSION)"
+            }
+        }
+    elseif (plat == "windows" or plat == "cygwin") then
+        return {
+            type = "builtin",
+            modules = {
+                ["lua-cryptorandom"] = {
+                    sources = { "src/lua-cryptorandom.c" },
+                    libraries = { "bcrypt" },
+                    defines = { "LUA_CRYPTORANDOM_BUILD_SHARED", "LUA_CRYPTORANDOM_USE_WIN32" },
+                    incdirs = { "src" },
+                    libdirs = { }
+                }
+            }
+        }
+    elseif (plat == "linux" or plat == "bsd") then
+        return {
+            type = "builtin",
+            modules = {
+                ["lua-cryptorandom"] = {
+                    sources = { "src/lua-cryptorandom.c" },
+                    libraries = { "crypto" },
+                    defines = { "LUA_CRYPTORANDOM_BUILD_SHARED", "LUA_CRYPTORANDOM_USE_OPENSSL" },
+                    incdirs = { "src", "$(CRYPTO_INCDIR)" },
+                    libdirs = { "$(CRYPTO_LIBDIR)" }
+                }
+            }
+        }
+    else
+        error("Unknown platform", 2)
+    end
+end
+
+build = {
+    platforms = {
+        macosx = build_plat("macosx"),
+        macos = build_plat("macos"),
+        windows = build_plat("windows"),
+        cygwin = build_plat("cygwin"),
+        linux = build_plat("linux"),
+        freebsd = build_plat("bsd"),
+        openbsd = build_plat("bsd"),
+        netbsd = build_plat("bsd"),
+        dragonfly = build_plat("bsd")
+    }
+}

src/lua-cryptorandom.c

@@ -32,6 +32,17 @@
 #define isinf(x) ((x)==(HUGE_VAL)?(1):((x)==(-HUGE_VAL)?(-1):(0)))
 #endif
 
+/*
+** helper union to the function
+** lua_cryptorandom_take
+*/
+typedef union tagLuaCryptoRandomInt
+{
+    int value;
+    unsigned char buffer[sizeof(int)];
+
+} LuaCryptoRandomInt;
+
 /*
 ** helper union to the function
 ** lua_cryptorandom_integer
@@ -124,18 +135,17 @@ static int lua_cryptorandom_bytes(lua_State *L)
 
 static int lua_cryptorandom_take(lua_State *L)
 {
-    unsigned char buffer[sizeof(int)];
+    LuaCryptoRandomInt rtake;
 
     unsigned long err;
-    if (lua_cryptorandom_bytes_impl(L, (unsigned char *)buffer, sizeof(int), &err) == 0)
+    if (lua_cryptorandom_bytes_impl(L, (unsigned char *)(rtake.buffer), sizeof(int), &err) == 0)
     {
         lua_pushnil(L);
         lua_pushinteger(L, (lua_Integer)err);
     }
     else
     {
-        int *take_ptr = (int *)buffer;
-        lua_pushinteger(L, *take_ptr);
+        lua_pushinteger(L, rtake.value);
         lua_pushnil(L);
     }