parent
dc08b52f96
commit
4ba8a98a2f
@ -1,2 +1,2 @@
|
||||
SOURCES/libbsd-0.11.7.tar.xz
|
||||
SOURCES/libbsd-0.11.7.tar.xz.asc
|
||||
SOURCES/libbsd-0.12.2.tar.xz
|
||||
SOURCES/libbsd-0.12.2.tar.xz.asc
|
||||
|
@ -1,2 +1,2 @@
|
||||
e5f5fffcc2094661a105074c1538f1e434990490 SOURCES/libbsd-0.11.7.tar.xz
|
||||
311622ec83d75cdc814c9d985bb1647b029e4ae1 SOURCES/libbsd-0.11.7.tar.xz.asc
|
||||
c8f49920dec71e8e72f2b19f6c209b440a367d3a SOURCES/libbsd-0.12.2.tar.xz
|
||||
e234fc7862bd78065ebf5222f7dcc54ae6b33786 SOURCES/libbsd-0.12.2.tar.xz.asc
|
||||
|
@ -1,83 +0,0 @@
|
||||
From d5865759f8698f1c75339451a26fa3ae00276a51 Mon Sep 17 00:00:00 2001
|
||||
From: Guillem Jover <guillem@hadrons.org>
|
||||
Date: Thu, 25 Aug 2022 00:52:43 +0200
|
||||
Subject: [PATCH] test: Fix explicit_bzero() test on the Hurd
|
||||
|
||||
On the Hurd a small read(3) might end up (indirectly) copying the data
|
||||
on the stack, which we will end up finding even when we have cleared
|
||||
the buffer.
|
||||
|
||||
To avoid these side effects, we add a new function, that we force not
|
||||
to be inlined, so that we can reuse the same stack space, that will
|
||||
blank any possible stack side effects. This should be portable
|
||||
regardless of stack growing up or down.
|
||||
|
||||
Diagnosis-by: Samuel Thibault <sthibault@debian.org>
|
||||
---
|
||||
COPYING | 2 +-
|
||||
test/explicit_bzero.c | 15 +++++++++++++++
|
||||
2 files changed, 16 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/COPYING b/COPYING
|
||||
index 67223d4..cf43edd 100644
|
||||
--- a/COPYING
|
||||
+++ b/COPYING
|
||||
@@ -369,7 +369,7 @@ Copyright:
|
||||
Copyright © 2014 Theo de Raadt <deraadt@openbsd.org>
|
||||
Copyright © 2014 Google Inc.
|
||||
Copyright © 2015 Michael Felt <aixtools@gmail.com>
|
||||
- Copyright © 2015 Guillem Jover <guillem@hadrons.org>
|
||||
+ Copyright © 2015, 2022 Guillem Jover <guillem@hadrons.org>
|
||||
License: ISC
|
||||
Permission to use, copy, modify, and distribute this software for any
|
||||
purpose with or without fee is hereby granted, provided that the above
|
||||
diff --git a/test/explicit_bzero.c b/test/explicit_bzero.c
|
||||
index 74993c2..bee29de 100644
|
||||
--- a/test/explicit_bzero.c
|
||||
+++ b/test/explicit_bzero.c
|
||||
@@ -1,6 +1,7 @@
|
||||
/* $OpenBSD: explicit_bzero.c,v 1.7 2021/03/27 11:17:58 bcook Exp $ */
|
||||
/*
|
||||
* Copyright (c) 2014 Google Inc.
|
||||
+ * Copyright (c) 2022 Guillem Jover <guillem@hadrons.org>
|
||||
*
|
||||
* Permission to use, copy, modify, and distribute this software for any
|
||||
* purpose with or without fee is hereby granted, provided that the above
|
||||
@@ -123,6 +124,18 @@ populate_secret(char *buf, ssize_t len)
|
||||
ASSERT_EQ(0, close(fds[0]));
|
||||
}
|
||||
|
||||
+static void __attribute__((__noinline__))
|
||||
+blank_stack_side_effects(char *buf, size_t len)
|
||||
+{
|
||||
+ char scratch[SECRETBYTES * 4];
|
||||
+
|
||||
+ /* If the read(3) in populate_secret() wrote into the stack, as it
|
||||
+ * might happen on the Hurd for small data, then we might incorrectly
|
||||
+ * detect the wrong secret on the stack. */
|
||||
+ memset(scratch, 0xFF, sizeof(scratch));
|
||||
+ ASSERT_EQ(NULL, memmem(scratch, sizeof(scratch), buf, len));
|
||||
+}
|
||||
+
|
||||
static int
|
||||
count_secrets(const char *buf)
|
||||
{
|
||||
@@ -143,6 +156,7 @@ test_without_bzero(void)
|
||||
char *res;
|
||||
assert_on_stack();
|
||||
populate_secret(buf, sizeof(buf));
|
||||
+ blank_stack_side_effects(buf, sizeof(buf));
|
||||
res = memmem(altstack, ALTSTACK_SIZE, buf, sizeof(buf));
|
||||
ASSERT_NE(NULL, res);
|
||||
return (res);
|
||||
@@ -155,6 +169,7 @@ test_with_bzero(void)
|
||||
char *res;
|
||||
assert_on_stack();
|
||||
populate_secret(buf, sizeof(buf));
|
||||
+ blank_stack_side_effects(buf, sizeof(buf));
|
||||
res = memmem(altstack, ALTSTACK_SIZE, buf, sizeof(buf));
|
||||
ASSERT_NE(NULL, res);
|
||||
explicit_bzero(buf, sizeof(buf));
|
||||
--
|
||||
GitLab
|
||||
|
Loading…
Reference in new issue