From 99740b4fac501e26f226aed284b825273c41432e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Martin=20Storsj=C3=B6?= <martin@martin.st>
Date: Tue, 23 Apr 2013 17:12:45 +0300
Subject: [PATCH] salsa20: Don't return via W64_EXIT within the Lpartial
 subfunction

The Lpartial subfunction is entered with plain call instructions,
and the win64 epilogue should only run when actually exiting the
whole salsa20_crypt function.
---
 ChangeLog                | 2 ++
 x86_64/salsa20-crypt.asm | 5 +++--
 2 files changed, 5 insertions(+), 2 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 0a30fbd4..8dc48dee 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,6 +1,8 @@
 2013-04-23  Niels Möller  <nisse@lysator.liu.se>
 
 	From Martin Storsjö:
+	* x86_64/salsa20-crypt.asm (Lpartial): Don't return via W64_EXIT
+	within this subfunction.
 	* x86_64/machine.m4 (W64_ENTRY): Use movdqu instead of movdqa for
 	saving xmm registers, since the stack is not guaranteed to be
 	16-byte aligned on win64.
diff --git a/x86_64/salsa20-crypt.asm b/x86_64/salsa20-crypt.asm
index 25b7e497..9d1b53d9 100644
--- a/x86_64/salsa20-crypt.asm
+++ b/x86_64/salsa20-crypt.asm
@@ -224,10 +224,11 @@ PROLOGUE(nettle_salsa20_crypt)
 	shr	$16, XREG(T64)
 .Llt2:
 	test	$1, LENGTH
-	jz	.Lend
+	jz	.Lret
 	xor	(SRC, POS), LREG(T64)
 	mov	LREG(T64), (DST, POS)
 
-	jmp	.Lend
+.Lret:
+	ret
 
 EPILOGUE(nettle_salsa20_crypt)
-- 
GitLab