From 5022ed713cfd314910f7aadd4bdc9dd972b71953 Mon Sep 17 00:00:00 2001 From: Jeff Law Date: Thu, 29 Mar 2012 12:46:29 -0600 Subject: [PATCH] Avoid unbound alloca usage in *-crypt routines (#804792) --- glibc-rh804792.patch | 217 +++++++++++++++++++++++++++++++++++++++++++ glibc.spec | 4 + 2 files changed, 221 insertions(+) create mode 100644 glibc-rh804792.patch diff --git a/glibc-rh804792.patch b/glibc-rh804792.patch new file mode 100644 index 0000000..d91ae6f --- /dev/null +++ b/glibc-rh804792.patch @@ -0,0 +1,217 @@ +2012-03-29 Jeff Law + + * crypt/md5-crypt.c (__md5_crypt_r): Avoid unbounded alloca uses + due to long keys. + * crypt/sha256-crypt.c (__sha256_crypt_r): Likewise. + * crypt/sha512-crypt.c (__sha512_crypt_r): Likewise. + +diff -rup c/crypt/md5-crypt.c d/crypt/md5-crypt.c +--- c/crypt/md5-crypt.c 2012-01-01 05:16:32.000000000 -0700 ++++ d/crypt/md5-crypt.c 2012-03-27 11:37:24.035574503 -0600 +@@ -108,6 +108,7 @@ __md5_crypt_r (key, salt, buffer, buflen + char *cp; + char *copied_key = NULL; + char *copied_salt = NULL; ++ char *free_key = NULL; + + /* Find beginning of salt string. The prefix should normally always + be present. Just in case it is not. */ +@@ -120,7 +121,17 @@ __md5_crypt_r (key, salt, buffer, buflen + + if ((key - (char *) 0) % __alignof__ (md5_uint32) != 0) + { +- char *tmp = (char *) alloca (key_len + __alignof__ (md5_uint32)); ++ char *tmp; ++ ++ if (__libc_use_alloca (key_len + __alignof__ (md5_uint32))) ++ tmp = (char *) alloca (key_len + __alignof__ (md5_uint32)); ++ else ++ { ++ free_key = tmp = (char *) malloc (key_len + __alignof__ (md5_uint32)); ++ if (tmp == NULL) ++ return NULL; ++ } ++ + key = copied_key = + memcpy (tmp + __alignof__ (md5_uint32) + - (tmp - (char *) 0) % __alignof__ (md5_uint32), +@@ -142,7 +158,10 @@ __md5_crypt_r (key, salt, buffer, buflen + /* Initialize libfreebl3. */ + NSSLOWInitContext *nss_ictx = NSSLOW_Init (); + if (nss_ictx == NULL) +- return NULL; ++ { ++ free (free_key); ++ return NULL; ++ } + NSSLOWHASHContext *nss_ctx = NULL; + NSSLOWHASHContext *nss_alt_ctx = NULL; + #else +@@ -296,6 +315,7 @@ __md5_crypt_r (key, salt, buffer, buflen + if (copied_salt != NULL) + memset (copied_salt, '\0', salt_len); + ++ free (free_key); + return buffer; + } + +diff -rup c/crypt/sha256-crypt.c d/crypt/sha256-crypt.c +--- c/crypt/sha256-crypt.c 2012-01-01 05:16:32.000000000 -0700 ++++ d/crypt/sha256-crypt.c 2012-03-27 11:58:55.823809542 -0600 +@@ -123,6 +123,9 @@ __sha256_crypt_r (key, salt, buffer, buf + /* Default number of rounds. */ + size_t rounds = ROUNDS_DEFAULT; + bool rounds_custom = false; ++ size_t alloca_used = 0; ++ char *free_key = NULL; ++ char *free_pbytes = NULL; + + /* Find beginning of salt string. The prefix should normally always + be present. Just in case it is not. */ +@@ -149,7 +152,17 @@ __sha256_crypt_r (key, salt, buffer, buf + + if ((key - (char *) 0) % __alignof__ (uint32_t) != 0) + { +- char *tmp = (char *) alloca (key_len + __alignof__ (uint32_t)); ++ char *tmp; ++ ++ if (__libc_use_alloca (key_len + __alignof__ (uint32_t))) ++ tmp = alloca_account (key_len + __alignof__ (uint32_t), alloca_used); ++ else ++ { ++ free_key = tmp = (char *) malloc (key_len + __alignof__ (uint32_t)); ++ if (tmp == NULL) ++ return NULL; ++ } ++ + key = copied_key = + memcpy (tmp + __alignof__ (uint32_t) + - (tmp - (char *) 0) % __alignof__ (uint32_t), +@@ -160,6 +179,7 @@ __sha256_crypt_r (key, salt, buffer, buf + if ((salt - (char *) 0) % __alignof__ (uint32_t) != 0) + { + char *tmp = (char *) alloca (salt_len + __alignof__ (uint32_t)); ++ alloca_used += salt_len + __alignof__ (uint32_t); + salt = copied_salt = + memcpy (tmp + __alignof__ (uint32_t) + - (tmp - (char *) 0) % __alignof__ (uint32_t), +@@ -171,7 +191,10 @@ __sha256_crypt_r (key, salt, buffer, buf + /* Initialize libfreebl3. */ + NSSLOWInitContext *nss_ictx = NSSLOW_Init (); + if (nss_ictx == NULL) +- return NULL; ++ { ++ free (free_key); ++ return NULL; ++ } + NSSLOWHASHContext *nss_ctx = NULL; + NSSLOWHASHContext *nss_alt_ctx = NULL; + #else +@@ -233,8 +256,19 @@ __sha256_crypt_r (key, salt, buffer, buf + /* Finish the digest. */ + sha256_finish_ctx (&alt_ctx, nss_alt_ctx, temp_result); + +- /* Create byte sequence P. */ +- cp = p_bytes = alloca (key_len); ++ /* Create byte sequence P. */ ++ if (__libc_use_alloca (alloca_used + key_len)) ++ cp = p_bytes = (char *) alloca (key_len); ++ else ++ { ++ free_pbytes = cp = p_bytes = (char *)malloc (key_len); ++ if (free_pbytes == NULL) ++ { ++ free (free_key); ++ return NULL; ++ } ++ } ++ + for (cnt = key_len; cnt >= 32; cnt -= 32) + cp = mempcpy (cp, temp_result, 32); + memcpy (cp, temp_result, cnt); +@@ -362,6 +401,8 @@ __sha256_crypt_r (key, salt, buffer, buf + if (copied_salt != NULL) + memset (copied_salt, '\0', salt_len); + ++ free (free_key); ++ free (free_pbytes); + return buffer; + } + +diff -rup c/crypt/sha512-crypt.c d/crypt/sha512-crypt.c +--- c/crypt/sha512-crypt.c 2012-01-01 05:16:32.000000000 -0700 ++++ d/crypt/sha512-crypt.c 2012-03-27 12:10:08.895097239 -0600 +@@ -123,6 +123,9 @@ __sha512_crypt_r (key, salt, buffer, buf + /* Default number of rounds. */ + size_t rounds = ROUNDS_DEFAULT; + bool rounds_custom = false; ++ size_t alloca_used = 0; ++ char *free_key = NULL; ++ char *free_pbytes = NULL; + + /* Find beginning of salt string. The prefix should normally always + be present. Just in case it is not. */ +@@ -149,7 +152,17 @@ __sha512_crypt_r (key, salt, buffer, buf + + if ((key - (char *) 0) % __alignof__ (uint64_t) != 0) + { +- char *tmp = (char *) alloca (key_len + __alignof__ (uint64_t)); ++ char *tmp; ++ ++ if (__libc_use_alloca (key_len + __alignof__ (uint64_t))) ++ tmp = alloca_account (key_len + __alignof__ (uint64_t), alloca_used); ++ else ++ { ++ free_key = tmp = (char *) malloc (key_len + __alignof__ (uint64_t)); ++ if (tmp == NULL) ++ return NULL; ++ } ++ + key = copied_key = + memcpy (tmp + __alignof__ (uint64_t) + - (tmp - (char *) 0) % __alignof__ (uint64_t), +@@ -171,7 +190,10 @@ __sha512_crypt_r (key, salt, buffer, buf + /* Initialize libfreebl3. */ + NSSLOWInitContext *nss_ictx = NSSLOW_Init (); + if (nss_ictx == NULL) +- return NULL; ++ { ++ free (free_key); ++ return NULL; ++ } + NSSLOWHASHContext *nss_ctx = NULL; + NSSLOWHASHContext *nss_alt_ctx = NULL; + #else +@@ -233,8 +255,19 @@ __sha512_crypt_r (key, salt, buffer, buf + /* Finish the digest. */ + sha512_finish_ctx (&alt_ctx, nss_alt_ctx, temp_result); + +- /* Create byte sequence P. */ +- cp = p_bytes = alloca (key_len); ++ /* Create byte sequence P. */ ++ if (__libc_use_alloca (alloca_used + key_len)) ++ cp = p_bytes = (char *) alloca (key_len); ++ else ++ { ++ free_pbytes = cp = p_bytes = (char *)malloc (key_len); ++ if (free_pbytes == NULL) ++ { ++ free (free_key); ++ return NULL; ++ } ++ } ++ + for (cnt = key_len; cnt >= 64; cnt -= 64) + cp = mempcpy (cp, temp_result, 64); + memcpy (cp, temp_result, cnt); +@@ -374,6 +412,8 @@ __sha512_crypt_r (key, salt, buffer, buf + if (copied_salt != NULL) + memset (copied_salt, '\0', salt_len); + ++ free (free_key); ++ free (free_pbytes); + return buffer; + } + + + diff --git a/glibc.spec b/glibc.spec index 78de6d0..e13f243 100644 --- a/glibc.spec +++ b/glibc.spec @@ -125,6 +125,8 @@ Patch45 : %{name}-rh803286.patch Patch46 : %{name}-rh806403.patch # Submitted upstream, BZ 13594 Patch47 : %{name}-rh806070.patch +# Submitted upstream +Patch48 : %{name}-rh804792.patch Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) @@ -391,6 +393,7 @@ rm -rf %{glibcportsdir} %patch45 -p1 %patch46 -p1 %patch47 -p1 +%patch48 -p1 # A lot of programs still misuse memcpy when they have to use # memmove. The memcpy implementation below is not tolerant at @@ -1244,6 +1247,7 @@ rm -f *.filelist* %changelog * Tue Mar 27 2012 Jeff Law - 2.15-30 + - Avoid unbound alloca usage in *-crypt routines (#804792) - Fix data race in nscd (#806070) * Fri Mar 23 2012 Jeff Law - 2.15-29