Changeset 544 for trunk/src

Timestamp:

Feb 17, 2019, 2:41:49 PM (6 years ago)

Author:

katerina

Message:

Fix for ticket #436 (new gcc compiler options, including LTO).

Location:

trunk/src

Files:

• bignum.c (modified) (2 diffs)
• cutest_slib.c (modified) (1 diff)
• sh_calls.c (modified) (1 diff)
• sh_srp.c (modified) (10 diffs)
• sh_xfer_client.c (modified) (4 diffs)
• sh_xfer_server.c (modified) (4 diffs)
• slib.c (modified) (2 diffs)

trunk/src/bignum.c

@@ -425 +425 @@
 {
     DIGIT *a_ptr, *b_ptr;
+    int retval = 0;
 
     if (a->dgs_used  == b->dgs_used)
@@ -437 +438 @@
         if (a_ptr < a->dp)
         {
-            return 0;
+            return retval;
         }
         else
         {
-            return (*a_ptr > *b_ptr) ? 1 : -1;
-        }
+            if (retval == 0)
+                retval = (*a_ptr > *b_ptr) ? 1 : -1;
+        }
+        return retval;
     }
     return (a->dgs_used > b->dgs_used) ? 1 : -1;

trunk/src/cutest_slib.c

@@ -58 +58 @@
 }
 
+void Test_sl_ts_strncmp (CuTest *tc) {
+  char one[64], two[64];
+  int  res;
+
+  strcpy(one, "foo");
+  strcpy(two, "foo");
+  res = sl_ts_strncmp(one, two, 3);
+  CuAssertIntEquals(tc, 0, res);
+
+  strcpy(one, "fox");
+  strcpy(two, "foo");
+  res = sl_ts_strncmp(one, two, 2);
+  CuAssertIntEquals(tc, 0, res);
+  
+  strcpy(one, "f9o");
+  strcpy(two, "foo");
+  res = sl_ts_strncmp(one, two, 3);
+  CuAssertTrue(tc, 0 != res);
+
+}
+
 void Test_sl_strcasecmp (CuTest *tc) {
   char one[64], two[64];

trunk/src/sh_calls.c

@@ -51 +51 @@
 #include "samhain.h"
 #include "sh_error.h"
-#include "sh_calls.h"
 #include "sh_ipvx.h"
 #include "sh_sub.h"

trunk/src/sh_srp.c

@@ -48 +48 @@
 #define bignum MP_INT
 
-inline
+static
 int big_create (bignum * a)
 {
@@ -55 +55 @@
 }
 
-inline
+static
 int big_zerop (bignum * a)
 {
@@ -69 +69 @@
 }
 
-inline
+static
 int big_trunc (bignum * a, bignum * b, bignum * q, bignum *r)
 {
@@ -76 +76 @@
 }
 
-inline
+static
 int big_exptmod (bignum * a, bignum * b, bignum * c, bignum *d)
 {
@@ -136 +136 @@
 }
 
-inline 
+static 
 int big_add(bignum * a, bignum * b, bignum * c)
 {
@@ -143 +143 @@
 }
 
-inline 
+static 
 int big_sub(bignum * a, bignum * b, bignum * c)
 {
@@ -150 +150 @@
 }
 
-inline 
+static 
 int big_mul(bignum * a, bignum * b, bignum * c)
 {
@@ -157 +157 @@
 }
 
-inline 
+static 
 int big_greaterp(bignum * a, bignum * b)
 {
@@ -163 +163 @@
 }
 
-inline 
+static 
 int big_set_big(bignum * a, bignum * b)
 {
@@ -171 +171 @@
 
 
-inline 
+static 
 int big_set_string(const char * str, int base, bignum * a)
 {

trunk/src/sh_xfer_client.c

@@ -769 +769 @@
    */
   sh_passwd (nounce, NULL, NULL, temp);
-  if ( 0 != sl_strncmp(temp, answer, KEY_LEN))
+  if ( 0 != sl_ts_strncmp(temp, answer, KEY_LEN))
     flag_err = (-1);
   
@@ -1003 +1003 @@
                                     );
                       if (M != NULL && 
-                          0 == sl_strncmp (answer, M, KEY_LEN+1))
+                          0 == sl_ts_strncmp (answer, M, KEY_LEN+1))
                         {
                           sl_strlcpy (skey->session, 
@@ -1083 +1083 @@
                         pos+1);
       flag_err = 
-        sl_strncmp(&answer[KEY_LEN+pos],
+        sl_ts_strncmp(&answer[KEY_LEN+pos],
                    sh_util_siggen(skey->session, 
                                   buffer,
@@ -1202 +1202 @@
       (void) sl_strlcpy(buffer, errmsg, len);
       (void) sl_strlcat(buffer, nsrv,   len);
-      flag_err = sl_strncmp(answer,
-                            sh_util_siggen(skey->session, 
-                                           buffer,
-                                           sl_strlen(buffer),
-                                           sigbuf, sizeof(sigbuf)),
-                            KEY_LEN);
+      flag_err = sl_ts_strncmp(answer,
+                               sh_util_siggen(skey->session, 
+                                              buffer,
+                                              sl_strlen(buffer),
+                                              sigbuf, sizeof(sigbuf)),
+                               KEY_LEN);
       TPT((0, FIL__, __LINE__, _("msg=<sign %s.>\n"),
            sh_util_siggen(skey->session, buffer, 

trunk/src/sh_xfer_server.c

@@ -1198 +1198 @@
               KEY_LEN+1);
   
-  if (0 != sl_strncmp(conn->K, conn->buf, KEY_LEN))
+  if (0 != sl_ts_strncmp(conn->K, conn->buf, KEY_LEN))
     {
       TPT((0, FIL__, __LINE__, _("msg=<clt %s>\n"), conn->buf));
@@ -1664 +1664 @@
            */
           buffer = sh_util_strconcat(conn->buf, conn->challenge, NULL);
-          i =  sl_strncmp(hash, 
-                          sh_util_siggen(conn->client_entry->session_key,
-                                         buffer,
-                                         sl_strlen(buffer),
-                                         sigbuf, sizeof(sigbuf)),
-                          KEY_LEN);
+          i =  sl_ts_strncmp(hash, 
+                             sh_util_siggen(conn->client_entry->session_key,
+                                            buffer,
+                                            sl_strlen(buffer),
+                                            sigbuf, sizeof(sigbuf)),
+                             KEY_LEN);
           TPT((0, FIL__, __LINE__, _("msg=<sign %s.>\n"),
                sh_util_siggen(conn->client_entry->session_key,
@@ -2088 +2088 @@
       TPT((0, FIL__, __LINE__, _("msg=<c/r: P = %s>\n"), conn->M1));
       
-      if ( 0 != sl_strncmp(conn->M1, conn->buf, KEY_LEN))
+      if ( 0 != sl_ts_strncmp(conn->M1, conn->buf, KEY_LEN))
         {
           sh_error_handle((-1), FIL__, __LINE__, 0, MSG_TCP_BADCONN,
@@ -2414 +2414 @@
        */
       if (conn->buf != NULL && 
-          sl_strncmp(conn->buf, conn->M1, KEY_LEN) == 0)
+          sl_ts_strncmp(conn->buf, conn->M1, KEY_LEN) == 0)
         {
           /*

trunk/src/slib.c

@@ -588 +588 @@
 /*
  * Have memset in a different translation unit (i.e. this) to prevent 
- * it to get optimized away
+ * it to get optimized away ...not safe with link-time optimisation...
  */
-void *sl_memset(void *s, int c, size_t n)
-{
-  return memset(s, c,n);
+void * sl_memset(void *s, int c, size_t n)
+{
+  /* See:
+   * https://www.usenix.org/sites/default/files/conference/protected-files/usenixsecurity17_slides_zhaomo_yang.pdf
+   */
+#if defined(HAVE_EXPLICIT_MEMSET)
+  return explicit_memset(s, c, n);
+#elif defined(HAVE_EXPLICIT_BZERO)
+  if (c == 0) {
+    explicit_bzero(s, n);
+    return s;
+  } else {
+    return memset(s, c, n);
+  }
+#elif defined(__GNUC__)
+  memset(s, c, n);
+  __asm__  __volatile__ ("" ::"r"(s): "memory"); /* compiler barrier */
+  return s;
+#else
+  if (c == 0) {
+    size_t i;
+    volatile unsigned char * t_s = (volatile unsigned char *)s;
+    for (i=0; i<n; ++i)
+      t_s[i] = 0;
+    return s;
+  } else {
+    return memset(s, c, n);
+  }
+#endif  
 }
 
@@ -1071 +1097 @@
   if (a != NULL && b != NULL)
     return (strcmp(a, b));
+  else if (a == NULL && b != NULL)
+    return (-1);
+  else if (a != NULL && b == NULL)
+    return (1);
+  else
+    return (-7); /* default to not equal */
+}
+
+/* Does not report sign. */
+int sl_ts_strncmp(const char * a, const char * b, size_t n)
+{
+#ifdef SL_FAIL_ON_ERROR
+  SL_REQUIRE (a != NULL, _("a != NULL"));
+  SL_REQUIRE (b != NULL, _("b != NULL"));
+  SL_REQUIRE (n > 0, _("n > 0"));
+#endif
+
+  if (a != NULL && b != NULL)
+    {
+      const unsigned char *a1 = (const unsigned char *)a;
+      const unsigned char *b1 = (const unsigned char *)b;
+      size_t i;
+      int  retval=0;
+      /* The simple index based access is optimized best by the
+       * compiler (tested with gcc 7.3.0). */
+      for (i = 0; i < n; ++i)
+        {
+          if (a1[i] == '\0' || b1[i] == '\0')
+            break;
+          retval |= (a1[i] ^ b1[i]);
+        }
+      /* if (retval == 0) --> false (0) */ 
+      return (retval != 0);
+    }
   else if (a == NULL && b != NULL)
     return (-1);