Compare commits
No commits in common. 'i9' and 'epel9' have entirely different histories.
@ -1 +1,2 @@
|
|||||||
SOURCES/libbsd-0.11.7.tar.xz
|
/libbsd-*.tar.xz
|
||||||
|
/libbsd-*.tar.xz.asc
|
||||||
|
@ -1 +0,0 @@
|
|||||||
e5f5fffcc2094661a105074c1538f1e434990490 SOURCES/libbsd-0.11.7.tar.xz
|
|
@ -1,83 +0,0 @@
|
|||||||
From d5865759f8698f1c75339451a26fa3ae00276a51 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Guillem Jover <guillem@hadrons.org>
|
|
||||||
Date: Thu, 25 Aug 2022 00:52:43 +0200
|
|
||||||
Subject: [PATCH] test: Fix explicit_bzero() test on the Hurd
|
|
||||||
|
|
||||||
On the Hurd a small read(3) might end up (indirectly) copying the data
|
|
||||||
on the stack, which we will end up finding even when we have cleared
|
|
||||||
the buffer.
|
|
||||||
|
|
||||||
To avoid these side effects, we add a new function, that we force not
|
|
||||||
to be inlined, so that we can reuse the same stack space, that will
|
|
||||||
blank any possible stack side effects. This should be portable
|
|
||||||
regardless of stack growing up or down.
|
|
||||||
|
|
||||||
Diagnosis-by: Samuel Thibault <sthibault@debian.org>
|
|
||||||
---
|
|
||||||
COPYING | 2 +-
|
|
||||||
test/explicit_bzero.c | 15 +++++++++++++++
|
|
||||||
2 files changed, 16 insertions(+), 1 deletion(-)
|
|
||||||
|
|
||||||
diff --git a/COPYING b/COPYING
|
|
||||||
index 67223d4..cf43edd 100644
|
|
||||||
--- a/COPYING
|
|
||||||
+++ b/COPYING
|
|
||||||
@@ -369,7 +369,7 @@ Copyright:
|
|
||||||
Copyright © 2014 Theo de Raadt <deraadt@openbsd.org>
|
|
||||||
Copyright © 2014 Google Inc.
|
|
||||||
Copyright © 2015 Michael Felt <aixtools@gmail.com>
|
|
||||||
- Copyright © 2015 Guillem Jover <guillem@hadrons.org>
|
|
||||||
+ Copyright © 2015, 2022 Guillem Jover <guillem@hadrons.org>
|
|
||||||
License: ISC
|
|
||||||
Permission to use, copy, modify, and distribute this software for any
|
|
||||||
purpose with or without fee is hereby granted, provided that the above
|
|
||||||
diff --git a/test/explicit_bzero.c b/test/explicit_bzero.c
|
|
||||||
index 74993c2..bee29de 100644
|
|
||||||
--- a/test/explicit_bzero.c
|
|
||||||
+++ b/test/explicit_bzero.c
|
|
||||||
@@ -1,6 +1,7 @@
|
|
||||||
/* $OpenBSD: explicit_bzero.c,v 1.7 2021/03/27 11:17:58 bcook Exp $ */
|
|
||||||
/*
|
|
||||||
* Copyright (c) 2014 Google Inc.
|
|
||||||
+ * Copyright (c) 2022 Guillem Jover <guillem@hadrons.org>
|
|
||||||
*
|
|
||||||
* Permission to use, copy, modify, and distribute this software for any
|
|
||||||
* purpose with or without fee is hereby granted, provided that the above
|
|
||||||
@@ -123,6 +124,18 @@ populate_secret(char *buf, ssize_t len)
|
|
||||||
ASSERT_EQ(0, close(fds[0]));
|
|
||||||
}
|
|
||||||
|
|
||||||
+static void __attribute__((__noinline__))
|
|
||||||
+blank_stack_side_effects(char *buf, size_t len)
|
|
||||||
+{
|
|
||||||
+ char scratch[SECRETBYTES * 4];
|
|
||||||
+
|
|
||||||
+ /* If the read(3) in populate_secret() wrote into the stack, as it
|
|
||||||
+ * might happen on the Hurd for small data, then we might incorrectly
|
|
||||||
+ * detect the wrong secret on the stack. */
|
|
||||||
+ memset(scratch, 0xFF, sizeof(scratch));
|
|
||||||
+ ASSERT_EQ(NULL, memmem(scratch, sizeof(scratch), buf, len));
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
static int
|
|
||||||
count_secrets(const char *buf)
|
|
||||||
{
|
|
||||||
@@ -143,6 +156,7 @@ test_without_bzero(void)
|
|
||||||
char *res;
|
|
||||||
assert_on_stack();
|
|
||||||
populate_secret(buf, sizeof(buf));
|
|
||||||
+ blank_stack_side_effects(buf, sizeof(buf));
|
|
||||||
res = memmem(altstack, ALTSTACK_SIZE, buf, sizeof(buf));
|
|
||||||
ASSERT_NE(NULL, res);
|
|
||||||
return (res);
|
|
||||||
@@ -155,6 +169,7 @@ test_with_bzero(void)
|
|
||||||
char *res;
|
|
||||||
assert_on_stack();
|
|
||||||
populate_secret(buf, sizeof(buf));
|
|
||||||
+ blank_stack_side_effects(buf, sizeof(buf));
|
|
||||||
res = memmem(altstack, ALTSTACK_SIZE, buf, sizeof(buf));
|
|
||||||
ASSERT_NE(NULL, res);
|
|
||||||
explicit_bzero(buf, sizeof(buf));
|
|
||||||
--
|
|
||||||
GitLab
|
|
||||||
|
|
@ -1,16 +0,0 @@
|
|||||||
-----BEGIN PGP SIGNATURE-----
|
|
||||||
|
|
||||||
iQIzBAABCgAdFiEETz509DYFDBD1aWV0uXK/PqSuV6MFAmM+OcMACgkQuXK/PqSu
|
|
||||||
V6N8dA/9HvRw8/1oxr7+3aIBFQ2bMFwxSojwID5KrBeRQH48vuAxouCtKNAHx4fv
|
|
||||||
VCSULx9AXwWxy+MV4Ib8fzeJaawJBjdnyN3Dfifyt3GsZESoBkvl0reJSOq3g9wt
|
|
||||||
LJydT9NNJqB2DNrOg9bemrDt2IeF4yinM6Yv4N2jBe+b1UOHXgdjYtGqchqvcAOi
|
|
||||||
h14o8MGjHxj3E6Q+m1i+nB2ILrxrJvsXa5M7UD/OHmAj3l1V8gf28g4iOc3WHKzx
|
|
||||||
nPfdk5h3ErAmxLlNYC875uhgFdCNje4U40xY0Zu492CxQzKUmTfQuNn1PDlRcWbD
|
|
||||||
aM02u7c9O8M+xTDbHmuedXDylwek2FfPEo8hhb6tgusq6wmPweeGnP1w3SfEcg7b
|
|
||||||
VxqHqjuumBfEAfUjTZ6gSKgygrFxxfz3liqfUJ35Ndf2vFjeq2kY+lsvdl8qZ+mK
|
|
||||||
QyDgSQTreZRPhlUEjbij+rAQbMj8sDA1+hIJFMF5iltrx5Q96kRAxpUbl45oR+l0
|
|
||||||
w70xz8QpJoY57n9InOUWDZEr/FINL9I2LGBumiPlBQnUOyLzcbOYzxown38gemkH
|
|
||||||
KdMbC99TCeUQNBnry4VtURQEoDLjWm99gfTgV4bBG9Mry5/Xnhw5Ybv+yPZUP5xJ
|
|
||||||
+bj7cN8T/g+aAdIgrlccQviLNAtzR4H5LRL5sKI3alnoY7wBIx4=
|
|
||||||
=oPWW
|
|
||||||
-----END PGP SIGNATURE-----
|
|
@ -0,0 +1,2 @@
|
|||||||
|
SHA512 (libbsd-0.12.2.tar.xz) = ce43e4f0486d5f00d4a8119ee863eaaa2f968cae4aa3d622976bb31ad601dfc565afacef7ebade5eba33fff1c329b5296c6387c008d1e1805d878431038f8b21
|
||||||
|
SHA512 (libbsd-0.12.2.tar.xz.asc) = c2e56aa572ce50d6342c0e45622958eba40319e09d45dc3cff6296cb10eebc0c4154d6f758dd2470a1794251fc0273d05ac2d735698eae83183769df5f7d44c3
|
Loading…
Reference in new issue