crypto/internal: keep fips140/aes.NewCTR from allocating

Return a *CTR from an always-inlineable function, so the allocation
can be lifted to the callsite.

Put the potentially uninlineable code in a separate function that returns a CTR.

Fixes #70499

Change-Id: I2531a2516e4c00aba65407f3bc24a7c21dd8f842
Reviewed-on: https://go-review.googlesource.com/c/go/+/631317
Reviewed-by: Keith Randall <khr@google.com>
Reviewed-by: Ian Lance Taylor <iant@google.com>
Reviewed-by: Filippo Valsorda <filippo@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>

diff --git a/src/crypto/internal/fips140/aes/ctr.go b/src/crypto/internal/fips140/aes/ctr.go
index ec1959a225885ad7fc8230cd2e93304d4fe65de7..f612034d85ff1ac8d5e900cab9e0a43a1ac7608a 100644 (file)
--- a/src/crypto/internal/fips140/aes/ctr.go
+++ b/src/crypto/internal/fips140/aes/ctr.go
@@ -18,11 +18,18 @@ type CTR struct {
 }
 
 func NewCTR(b *Block, iv []byte) *CTR {
+       // Allocate the CTR here, in an easily inlineable function, so
+       // the allocation can be done in the caller's stack frame
+       // instead of the heap.  See issue 70499.
+       c := newCTR(b, iv)
+       return &c
+}
+func newCTR(b *Block, iv []byte) CTR {
        if len(iv) != BlockSize {
                panic("bad IV length")
        }
 
-       return &CTR{
+       return CTR{
                b:      *b,
                ivlo:   byteorder.BEUint64(iv[8:16]),
                ivhi:   byteorder.BEUint64(iv[0:8]),