[PATCH libXdmcp] Use getrandom() syscall if available
walter harms
wharms at bfs.de
Mon Apr 3 16:35:40 UTC 2017
On 03.04.2017 17:30, Benjamin Tissoires wrote:
> On Mon, Apr 3, 2017 at 3:17 PM, walter harms <wharms at bfs.de> wrote:
>>
>>
>> On 03.04.2017 14:52, Benjamin Tissoires wrote:
>>> This allows fixing CVE-2017-2625 on Linux platforms without pulling in
>>> libbsd.
>>> The syscall getrandom is available since kernel v3.17. The code first
>>> tries to use the syscall on a supported kernel. If the syscall fails,
>>> it falls back to the current (vulnerable) code.
>>> We do not implement the glibc getrandom() call given that it's only
>>> available in glibc 2.25, and the #if dance is already messy here.
>>>
>>> Signed-off-by: Benjamin Tissoires <benjamin.tissoires at gmail.com>
>>> ---
>>> Key.c | 12 ++++++++++++
>>> configure.ac | 3 +++
>>> 2 files changed, 15 insertions(+)
>>>
>>> diff --git a/Key.c b/Key.c
>>> index a09b316..61b07db 100644
>>> --- a/Key.c
>>> +++ b/Key.c
>>> @@ -36,6 +36,10 @@ in this Software without prior written authorization from The Open Group.
>>> #include <bsd/stdlib.h> /* for arc4random_buf() */
>>> #endif
>>>
>>> +#if HAVE_DECL_SYS_GETRANDOM
>>> +#include <sys/syscall.h> /* for SYS_getrandom */
>>> +#endif
>>> +
>>> #ifndef HAVE_ARC4RANDOM_BUF
>>> static void
>>> getbits (long data, unsigned char *dst)
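Review bot: the new include block pulls in only <sys/syscall.h> for SYS_getrandom, but the later hunk calls syscall(), which is declared in <unistd.h>, and nothing in the visible lines shows that header being included. Confirm Key.c already includes <unistd.h> on this path, or add it inside the same HAVE_DECL_SYS_GETRANDOM guard so the call never relies on an implicit declaration.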
>>> @@ -68,6 +72,14 @@ XdmcpGenerateKey (XdmAuthKeyPtr key)
>>> #ifndef HAVE_ARC4RANDOM_BUF
>>> long lowbits, highbits;
>>>
>>> +#if HAVE_DECL_SYS_GETRANDOM
>>> + int ret;
>>> +
>>> + ret = syscall(SYS_getrandom, key->data, 8, 0);
>>> + if (ret == 8)
>>> + return;
>>> +#endif
>>> +
>>
>> I am not an expert on syscalls, but would it help to test for
>> SYS_getrandom directly?
>
> I am not sure I fully understand you. Are you suggesting to remove the
> 'ret' variable?
>
No,
#if defined(SYS_getrandom) && defined(__linux__)
    int ret;

    ret = syscall(SYS_getrandom, key->data, 8, 0);
    if (ret == 8)
        return;
#endif
> Cheers,
> Benjamin
>
>>
>> re,
>> wh
>>
>>
>>> srandom ((int)getpid() ^ time((Time_t *)0));
>>> lowbits = random ();
>>> highbits = random ();
>>> diff --git a/configure.ac b/configure.ac
>>> index 2288502..d0d4d05 100644
>>> --- a/configure.ac
>>> +++ b/configure.ac
>>> @@ -63,6 +63,9 @@ case $host_os in
>>> ;;
>>> esac
>>>
>>> +# Checks for syscalls
>>> +AC_CHECK_DECLS([SYS_getrandom], [], [], [[#include <sys/syscall.h>]])
>>> +
>>> # Checks for library functions.
>>> AC_CHECK_LIB([bsd], [arc4random_buf])
>>> AC_CHECK_FUNCS([srand48 lrand48 arc4random_buf])
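Review bot: the AC_CHECK_DECLS line only establishes that the build host's <sys/syscall.h> defines SYS_getrandom; it says nothing about the kernel the library later runs on, and the "# Checks for syscalls" comment reads as if it did. A comment stating that this is a header check and that Key.c handles the runtime failure would prevent that misreading. Because AC_CHECK_DECLS always defines HAVE_DECL_SYS_GETRANDOM to 0 or 1, every consumer has to test it with #if rather than #ifdef, as the Key.c hunks do.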
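The thread's two ideas combined, testing SYS_getrandom directly at compile time and handling a failing syscall at run time, as an added example that is not code from the patch or from libXdmcp. The names fill_key and fill_from_urandom are hypothetical, and the /dev/urandom fallback and the error return (instead of the patch's drop to srandom()) are assumptions of this example.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <unistd.h>
#include <sys/syscall.h>   /* SYS_getrandom, when the headers define it */

/* Fallback source for when the syscall is missing at build or run time. */
static int fill_from_urandom(unsigned char *buf, size_t len)
{
    int fd = open("/dev/urandom", O_RDONLY | O_CLOEXEC);
    if (fd < 0)
        return -1;
    while (len > 0) {
        ssize_t n = read(fd, buf, len);
        if (n < 0 && errno == EINTR)
            continue;                       /* interrupted, try again */
        if (n <= 0) { close(fd); return -1; }
        buf += n;
        len -= (size_t)n;
    }
    close(fd);
    return 0;
}

/* Returns 0 when buf holds len bytes from the kernel CSPRNG, -1 otherwise. */
int fill_key(unsigned char *buf, size_t len)
{
#ifdef SYS_getrandom
    size_t got = 0;
    while (got < len) {
        long n = syscall(SYS_getrandom, buf + got, len - got, 0);
        if (n > 0)
            got += (size_t)n;
        else if (n < 0 && errno == EINTR)
            continue;                       /* signal arrived while blocked */
        else
            break;                          /* e.g. ENOSYS on kernels before v3.17 */
    }
    if (got == len)
        return 0;
#endif
    return fill_from_urandom(buf, len);     /* never a time/pid seeded PRNG */
}

int main(void)
{
    unsigned char key[8];                   /* 8 bytes, as requested in the patch */
    return fill_key(key, sizeof key) == 0 ? 0 : 1;
}
```

A caller that gets -1 has no secure source at all and can refuse to generate a key rather than emit a predictable one.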