Clean up

Signed-off-by: Mattias Andrée <m@maandree.se>
author: Mattias Andrée <m@maandree.se> 2026-05-14 19:46:14 +0200
committer: Mattias Andrée <m@maandree.se> 2026-05-14 19:46:14 +0200
commit: 5660c556a06916c2f1e004f7f8d5e368b3a88e25 (patch)
tree: 562217dbfa5f33ee7a73f6bdfc3b67dc9245b4d9
parent: Fix test bug only found with musl+clang (diff)
download: librecrypt-5660c556a06916c2f1e004f7f8d5e368b3a88e25.tar.gz
librecrypt-5660c556a06916c2f1e004f7f8d5e368b3a88e25.tar.bz2
librecrypt-5660c556a06916c2f1e004f7f8d5e368b3a88e25.tar.xz
9 files changed, 49 insertions, 40 deletions
diff --git a/argon2/hash.c b/argon2/hash.c
index 313eea0..fd4609a 100644
--- a/argon2/hash.c
+++ b/argon2/hash.c
@@ -125,7 +125,7 @@ librecrypt__argon2__hash(char *restrict out_buffer, size_t size, const char *phr
 	if (libar2_hash(scratch ? scratch : out_buffer, REMOVE_CONST(phrase), len, &params, &ctx))
 		goto fail;
 	if (scratch && out_buffer)
-		memcpy(out_buffer, scratch, params.hashlen < size ? params.hashlen : size);
+		memcpy(out_buffer, scratch, MIN(params.hashlen, size));
 
 	/* same rationale as for `ctx.autoerase_salt = 1;` */
 	if (scratch) {
@@ -190,7 +190,7 @@ check(const char *phrase, const char *settings, const char *hash, size_t hashlen
 	for (i = 1u; i <= hashlen * 2u; i++) {
 		memset(buf, 0, sizeof(buf));
 		EXPECT(librecrypt__argon2__hash(buf, i, phrase, len, settings, prefix, NULL) == 0);
-		EXPECT(!memcmp(expected, buf, i < hashlen ? i : hashlen));
+		EXPECT(!memcmp(expected, buf, MIN(i, hashlen)));
 	}
 
 }
diff --git a/argon2/make_settings.c b/argon2/make_settings.c
index 9efb58f..924b33f 100644
--- a/argon2/make_settings.c
+++ b/argon2/make_settings.c
@@ -26,8 +26,8 @@ make_settings(char *out_buffer, size_t size, const char *algorithm, size_t memco
 		memcost >>= 10;
 		memcost += memcost_round_up;
 	}
-	memcost = memcost < LIBAR2_MIN_M_COST ? LIBAR2_MIN_M_COST : memcost;
-	memcost = memcost > LIBAR2_MAX_M_COST ? LIBAR2_MAX_M_COST : memcost;
+	memcost = MAX(memcost, LIBAR2_MIN_M_COST);
+	memcost = MIN(memcost, LIBAR2_MAX_M_COST);
 
 	/* Adjust `timecost` for algorithm */
 	if (!timecost) {
@@ -36,8 +36,8 @@ make_settings(char *out_buffer, size_t size, const char *algorithm, size_t memco
 		timecost = 40960u;
 	}
 	timecost /= memcost;
-	timecost = timecost < LIBAR2_MIN_T_COST ? LIBAR2_MIN_T_COST : timecost;
-	timecost = timecost > LIBAR2_MAX_T_COST ? LIBAR2_MAX_T_COST : timecost;
+	timecost = MAX(timecost, LIBAR2_MIN_T_COST);
+	timecost = MIN(timecost, LIBAR2_MAX_T_COST);
 
 	/* Get version */
 	p = algorithm;
@@ -57,13 +57,12 @@ make_settings(char *out_buffer, size_t size, const char *algorithm, size_t memco
 	}
 
 	/* Write algorithm and parameters */
-	r = snprintf(out_buffer, size, "%.*s$v=%s$m=%zu,t=%llu,p=1$",
-	             (int)algolen, algorithm, version,
-	             memcost, (unsigned long long int)timecost);
+	r = snprintf(out_buffer, size, "%.*s$v=%s$m=%zu,t=%ju,p=1$",
+	             (int)algolen, algorithm, version, memcost, timecost);
 	if (r < (int)sizeof("$argon2_$v=__$m=_,t=_,p=1$") - 1)
 		abort(); /* $covered$ (impossible) */
 	ret = (size_t)r;
-	min = size ? ret < size - 1u ? ret : size - 1u : 0u;
+	min = size ? MIN(ret, size - 1u) : 0u;
 	out_buffer = &out_buffer[min];
 	size -= min;
 
@@ -72,7 +71,7 @@ make_settings(char *out_buffer, size_t size, const char *algorithm, size_t memco
 		/* 16 bytes is 128 bits, and 128 = 21*6+2, so that is
 		 * 21 full base-64 characeters and 1 that only use 2 bits */
 		ret += len = 22u;
-		min = size ? len < size - 1u ? len : size - 1u : 0u;
+		min = size ? MIN(len, size - 1u) : 0u;
 		if (librecrypt_fill_with_random_(out_buffer, min, rng, user))
 			return -1;
 		if (min == len)
@@ -81,7 +80,7 @@ make_settings(char *out_buffer, size_t size, const char *algorithm, size_t memco
 			out_buffer[i] = librecrypt_common_rfc4848s4_encoding_lut_[((unsigned char *)out_buffer)[i]];
 	} else {
 		ret += len = sizeof("*16") - 1u;
-		min = size ? len < size - 1u ? len : size - 1u : 0u;
+		min = size ? MIN(len, size - 1u) : 0u;
 		memcpy(out_buffer, "*16", min);
 	}
 	out_buffer = &out_buffer[min];
@@ -89,7 +88,7 @@ make_settings(char *out_buffer, size_t size, const char *algorithm, size_t memco
 
 	/* Add tag size (size of hash result) */
 	ret += len = sizeof("$*32") - 1u;
-	min = size ? len < size - 1u ? len : size - 1u : 0u;
+	min = size ? MIN(len, size - 1u) : 0u;
 	memcpy(out_buffer, "$*32", min);
 	out_buffer = &out_buffer[min];
 	size -= min;
diff --git a/common.h b/common.h
index 1c41d21..f64399a 100644
--- a/common.h
+++ b/common.h
@@ -63,6 +63,16 @@
  */
 #define ELEMSOF(ARRAY) (sizeof(ARRAY) / sizeof(*(ARRAY)))
 
+/**
+ * Select the minimum of two values
+ */
+#define MIN(A, B) ((A) < (B) ? (A) : (B))
+
+/**
+ * Select the maximum of two values
+ */
+#define MAX(A, B) ((A) > (B) ? (A) : (B))
+
 
 #include "algorithms.h"
 
diff --git a/librecrypt_add_algorithm.c b/librecrypt_add_algorithm.c
index dfcc08e..cf7f6eb 100644
--- a/librecrypt_add_algorithm.c
+++ b/librecrypt_add_algorithm.c
@@ -45,7 +45,7 @@ librecrypt_add_algorithm(char *out_buffer, size_t size, const char *augend, cons
 		}
 		ret = prefix1 + 1u + prefix2;
 		if (size) {
-			min = prefix1 < size ? prefix1 : size;
+			min = MIN(prefix1, size);
 			if (out_buffer != augend)
 				memmove(out_buffer, augend, min);
 			out_buffer = &out_buffer[min];
@@ -54,7 +54,7 @@ librecrypt_add_algorithm(char *out_buffer, size_t size, const char *augend, cons
 				*out_buffer++ = LIBRECRYPT_ALGORITHM_LINK_DELIMITER;
 				size -= 1u;
 			}
-			min = prefix2 < size ? prefix2 : size;
+			min = MIN(prefix2, size);
 			memcpy(out_buffer, augment, min);
 			out_buffer = &out_buffer[min];
 			size -= min;
@@ -125,7 +125,7 @@ librecrypt_add_algorithm(char *out_buffer, size_t size, const char *augend, cons
 	}
 
 	/* Chain the hash algorithms: write `augent` */
-	min = prefix1 < size ? prefix1 : size;
+	min = MIN(prefix1, size);
 	if (out_buffer != augend)
 		memmove(out_buffer, augend, min);
 	out_buffer = &out_buffer[min];
@@ -133,7 +133,7 @@ librecrypt_add_algorithm(char *out_buffer, size_t size, const char *augend, cons
 	if (hashsize1 && size) {
 		if (snprintf(out_buffer, size + 1u, "*%zu", hashsize1) != r_int)
 			abort(); /* $covered$ (impossible reliably) */
-		min = (size_t)r_int < size ? (size_t)r_int : size;
+		min = MIN((size_t)r_int, size);
 		out_buffer = &out_buffer[min];
 		size -= min;
 	}
@@ -196,7 +196,7 @@ main(void)
 			EXPECT(librecrypt_add_algorithm(buf, i, (AUGEND), (AUGMENT), NULL) == r);\
 			if (!i)\
 				break;\
-			min = i - 1u < (size_t)r ? i - 1u : (size_t)r;\
+			min = MIN(i - 1u, (size_t)r);\
 			EXPECT(!buf[min]);\
 			EXPECT(!memcmp(buf, (RESULT), min));\
 		}\
@@ -215,7 +215,7 @@ main(void)
 			EXPECT(librecrypt_add_algorithm(buf, i, buf, (AUGMENT), NULL) == r);\
 			if (!i)\
 				break;\
-			min = i - 1u < (size_t)r ? i - 1u : (size_t)r;\
+			min = MIN(i - 1u, (size_t)r);\
 			EXPECT(!buf[min]);\
 			EXPECT(!memcmp(buf, (RESULT), min));\
 		}\
diff --git a/librecrypt_decode.c b/librecrypt_decode.c
index c7f397b..3981612 100644
--- a/librecrypt_decode.c
+++ b/librecrypt_decode.c
@@ -186,21 +186,21 @@ check(const char *binary, size_t binary_len, const char *ascii, size_t unpadded_
 	for (i = 0u; i < sizeof(buf); i++) {
 		memset(buf, 99, sizeof(buf));
 		EXPECT(librecrypt_decode(buf, i, ascii, unpadded_len, lut, '\0', 0) == (ssize_t)binary_len);
-		j = i < binary_len ? i : binary_len;
+		j = MIN(i, binary_len);
 		EXPECT(!memcmp(buf, binary, j));
 		for (; j < sizeof(buf); j++)
 			EXPECT(buf[j] == 99);
 
 		memset(buf, 99, sizeof(buf));
 		EXPECT(librecrypt_decode(buf, i, ascii, unpadded_len, lut, '\0', 1) == (ssize_t)binary_len);
-		j = i < binary_len ? i : binary_len;
+		j = MIN(i, binary_len);
 		EXPECT(!memcmp(buf, binary, j));
 		for (; j < sizeof(buf); j++)
 			EXPECT(buf[j] == 99);
 
 		memset(buf, 99, sizeof(buf));
 		EXPECT(librecrypt_decode(buf, i, ascii, unpadded_len, lut, '=', 0) == (ssize_t)binary_len);
-		j = i < binary_len ? i : binary_len;
+		j = MIN(i, binary_len);
 		EXPECT(!memcmp(buf, binary, j));
 		for (; j < sizeof(buf); j++)
 			EXPECT(buf[j] == 99);
@@ -208,7 +208,7 @@ check(const char *binary, size_t binary_len, const char *ascii, size_t unpadded_
 		if (padded_len == unpadded_len) {
 			memset(buf, 99, sizeof(buf));
 			EXPECT(librecrypt_decode(buf, i, ascii, unpadded_len, lut, '=', 1) == (ssize_t)binary_len);
-			j = i < binary_len ? i : binary_len;
+			j = MIN(i, binary_len);
 			EXPECT(!memcmp(buf, binary, j));
 			for (; j < sizeof(buf); j++)
 				EXPECT(buf[j] == 99);
@@ -228,7 +228,7 @@ check(const char *binary, size_t binary_len, const char *ascii, size_t unpadded_
 
 		memset(buf, 99, sizeof(buf));
 		EXPECT(librecrypt_decode(buf, i, ascii, padded_len, lut, '=', 0) == (ssize_t)binary_len);
-		j = i < binary_len ? i : binary_len;
+		j = MIN(i, binary_len);
 		EXPECT(!memcmp(buf, binary, j));
 		for (; j < sizeof(buf); j++)
 			EXPECT(buf[j] == 99);
@@ -236,7 +236,7 @@ check(const char *binary, size_t binary_len, const char *ascii, size_t unpadded_
 		if (check_good_padding) {
 			memset(buf, 99, sizeof(buf));
 			EXPECT(librecrypt_decode(buf, i, ascii, padded_len, lut, '=', 1) == (ssize_t)binary_len);
-			j = i < binary_len ? i : binary_len;
+			j = MIN(i, binary_len);
 			EXPECT(!memcmp(buf, binary, j));
 			for (; j < sizeof(buf); j++)
 				EXPECT(buf[j] == 99);
diff --git a/librecrypt_encode.c b/librecrypt_encode.c
index a15321e..6c81b33 100644
--- a/librecrypt_encode.c
+++ b/librecrypt_encode.c
@@ -39,7 +39,7 @@ librecrypt_encode(char *out_buffer, size_t size, const void *binary, size_t len,
 
 	/* NUL-terminate output */
 	size -= 1u;
-	out_buffer[n < size ? n : size] = '\0';
+	out_buffer[MIN(n, size)] = '\0';
 
 	/* Deal with situation where number of bytes is not divisible
 	 * byte there, and set excess bits to 0; padding characters are
@@ -168,8 +168,8 @@ check(const char *binary, size_t binary_len, const char *ascii, size_t ascii_len
 	for (i = 0u; i <= padded_ascii_len; i++) {
 		memset(buf, 99, sizeof(buf));
 		EXPECT(librecrypt_encode(buf, i + 1u, binary, binary_len, lut, '=') == padded_ascii_len);
-		j = i < ascii_len ? i : ascii_len;
-		n = i < padded_ascii_len ? i : padded_ascii_len;
+		j = MIN(i, ascii_len);
+		n = MIN(i, padded_ascii_len);
 		EXPECT(!memcmp(buf, ascii, j));
 		for (; j < n; j++)
 			EXPECT(buf[j] == '=');
diff --git a/librecrypt_hash_.c b/librecrypt_hash_.c
index 05f1743..a09d921 100644
--- a/librecrypt_hash_.c
+++ b/librecrypt_hash_.c
@@ -182,7 +182,7 @@ next:
 			/* Include hash length specification */
 			prefix = n;
 		}
-		min = size ? size - 1u < prefix ? size - 1u : prefix : 0u;
+		min = size ? MIN(size - 1u, prefix) : 0u;
 		size -= min;
 		memcpy(out_buffer, settings, min);
 		out_buffer = &out_buffer[min];
@@ -252,7 +252,7 @@ next:
 			                              size < hash_size ? phrase_scratches[phrase_scratch_i] : out_buffer,
 			                              hash_size, algo->encoding_lut, algo->strict_pad ? algo->pad : '\0');
 	include_ascii:
-			min = size ? size - 1u < ascii_len ? size - 1u : ascii_len : 0u;
+			min = size ? MIN(size - 1u, ascii_len) : 0u;
 			out_buffer = &out_buffer[min];
 			size -= min;
 			ret += ascii_len;
@@ -463,7 +463,7 @@ main(void)
 			memset(buf, 88, sizeof(buf));
 			EXPECT(librecrypt_hash_(buf, i, NULL, 0u, X2(ARGON2ID_STR), NULL, ASCII_CRYPT) == r1);
 			if (i) {
-				n = i - 1u < (size_t)r1 ? i - 1u : (size_t)r1;
+				n = MIN(i - 1u, (size_t)r1);
 				EXPECT(!memcmp(buf, buf1, n));
 				EXPECT(buf[n] == '\0');
 			}
@@ -472,7 +472,7 @@ main(void)
 			memset(buf, 88, sizeof(buf));
 			EXPECT(librecrypt_hash_(buf, i, NULL, 0u, X2(ARGON2ID_STR), NULL, ASCII_HASH) == r2);
 			if (i) {
-				n = i - 1u < (size_t)r2 ? i - 1u : (size_t)r2;
+				n = MIN(i - 1u, (size_t)r2);
 				EXPECT(!memcmp(buf, buf2, n));
 				EXPECT(buf[n] == '\0');
 			}
@@ -480,7 +480,7 @@ main(void)
 		if (i <= (size_t)r3 + 10u) {
 			memset(buf, 88, sizeof(buf));
 			EXPECT(librecrypt_hash_(buf, i, NULL, 0u, X2(ARGON2ID_STR), NULL, BINARY_HASH) == r3);
-			EXPECT(!memcmp(buf, buf3, i < (size_t)r3 ? i : (size_t)r3));
+			EXPECT(!memcmp(buf, buf3, MIN(i, (size_t)r3)));
 		}
 	}
 
diff --git a/librecrypt_realise_salts.c b/librecrypt_realise_salts.c
index 3fcce88..195afaf 100644
--- a/librecrypt_realise_salts.c
+++ b/librecrypt_realise_salts.c
@@ -49,7 +49,7 @@ librecrypt_realise_salts(char *restrict out_buffer, size_t size, const char *set
 		while (nasterisks--) {
 			/* Copy text before next '*' */
 			for (i = 0u; settings[i] != '*'; i++);
-			min = i < size ? i : size;
+			min = MIN(i, size);
 			memcpy(out_buffer, settings, min);
 			out_buffer = &out_buffer[min];
 			size -= min;
@@ -124,7 +124,7 @@ librecrypt_realise_salts(char *restrict out_buffer, size_t size, const char *set
 			size -= left;
 
 			/* Write padding charaters */
-			right = right < size ? right : size;
+			right = MIN(right, size);
 			for (i = 0u; i < right; i++)
 				out_buffer[right] = pad; /* $covered$ (TODO we currently don't have an algorithm to trigger this) */
 			out_buffer = &out_buffer[right];
@@ -135,7 +135,7 @@ librecrypt_realise_salts(char *restrict out_buffer, size_t size, const char *set
 		for (i = 0u; settings[i];)
 			if (settings[i++] == LIBRECRYPT_ALGORITHM_LINK_DELIMITER)
 				break;
-		min = i < size ? i : size;
+		min = MIN(i, size);
 		memcpy(out_buffer, settings, min);
 		out_buffer = &out_buffer[min];
 		size -= min;
diff --git a/librecrypt_rng_.c b/librecrypt_rng_.c
index e5fe6ec..e620c6f 100644
--- a/librecrypt_rng_.c
+++ b/librecrypt_rng_.c
@@ -51,7 +51,7 @@ librecrypt_rng_(void *out, size_t n, void *user)
 
 	/* Use getentropy(3posix) */
 	for (;;) {
-		min = n < 256u ? n : 256u;
+		min = MIN(n, 256u);
 		if (getentropy(buf, min)) {
 			if (errno != EINTR)
 				break;
@@ -376,7 +376,7 @@ main(void)
 	do {\
 		n1 = librecrypt_rng_(buf1, sizeof(buf1), NULL);\
 		EXPECT(n1 >= 128 && (size_t)n1 <= sizeof(buf1));\
-		EXPECT(memcmp(buf1, buf2, (size_t)(n1 < n2 ? n1 : n2)));\
+		EXPECT(memcmp(buf1, buf2, (size_t)MIN(n1, n2)));\
 	} while (0)
 
 #define CHECK2()\
@@ -385,7 +385,7 @@ main(void)
 		n2 = librecrypt_rng_(buf2, sizeof(buf2), &user);\
 		EXPECT(n1 >= 128 && (size_t)n1 <= sizeof(buf1));\
 		EXPECT(n2 >= 128 && (size_t)n2 <= sizeof(buf2));\
-		EXPECT(memcmp(buf1, buf2, (size_t)(n1 < n2 ? n1 : n2)));\
+		EXPECT(memcmp(buf1, buf2, (size_t)MIN(n1, n2)));\
 	} while (0)
 
 	/* Test with output pattern (useful for other tests) */
@@ -504,7 +504,7 @@ main(void)
 	/* Check with getentropy(3) with small buffer */
 	n1 = librecrypt_rng_(buf1, 64u, NULL);
 	EXPECT(n1 == 64u);
-	EXPECT(memcmp(buf1, buf2, (size_t)(n1 < n2 ? n1 : n2)));
+	EXPECT(memcmp(buf1, buf2, (size_t)MIN(n1, n2)));
 
 	/* Don't use getentropy(3) for reminder of the test */
 	libtest_getentropy_error = ENOSYS;
author	Mattias Andrée <m@maandree.se>	2026-05-14 19:46:14 +0200
committer	Mattias Andrée <m@maandree.se>	2026-05-14 19:46:14 +0200
commit	5660c556a06916c2f1e004f7f8d5e368b3a88e25 (patch)
tree	562217dbfa5f33ee7a73f6bdfc3b67dc9245b4d9
parent	Fix test bug only found with musl+clang (diff)
download	librecrypt-5660c556a06916c2f1e004f7f8d5e368b3a88e25.tar.gz librecrypt-5660c556a06916c2f1e004f7f8d5e368b3a88e25.tar.bz2 librecrypt-5660c556a06916c2f1e004f7f8d5e368b3a88e25.tar.xz