Avoid unbound alloca usage in *-crypt routines (#804792)

2012-03-29 12:46:29 -06:00 · 2012-03-29 12:46:29 -06:00 · 5022ed713c
commit 5022ed713c
parent d004e5468f
2 changed files with 221 additions and 0 deletions
--- a/glibc-rh804792.patch
+++ b/glibc-rh804792.patch
@ -0,0 +1,217 @@
+2012-03-29  Jeff Law  <law@redhat.com>
+
+	* crypt/md5-crypt.c (__md5_crypt_r): Avoid unbounded alloca uses
+	due to long keys.
+	* crypt/sha256-crypt.c (__sha256_crypt_r): Likewise.
+	* crypt/sha512-crypt.c (__sha512_crypt_r): Likewise.
+
+diff -rup c/crypt/md5-crypt.c d/crypt/md5-crypt.c
+--- c/crypt/md5-crypt.c	2012-01-01 05:16:32.000000000 -0700
+++ d/crypt/md5-crypt.c	2012-03-27 11:37:24.035574503 -0600
+@@ -108,6 +108,7 @@ __md5_crypt_r (key, salt, buffer, buflen
+   char *cp;
+   char *copied_key = NULL;
+   char *copied_salt = NULL;
+  char *free_key = NULL;
+ 
+   /* Find beginning of salt string.  The prefix should normally always
+      be present.  Just in case it is not.  */
+@@ -120,7 +121,17 @@ __md5_crypt_r (key, salt, buffer, buflen
+ 
+   if ((key - (char *) 0) % __alignof__ (md5_uint32) != 0)
+     {
+-      char *tmp = (char *) alloca (key_len + __alignof__ (md5_uint32));
+      char *tmp;
+
+      if (__libc_use_alloca (key_len + __alignof__ (md5_uint32)))
+	tmp = (char *) alloca (key_len + __alignof__ (md5_uint32));
+      else
+	{
+	  free_key = tmp = (char *) malloc (key_len + __alignof__ (md5_uint32));
+	  if (tmp == NULL)
+	    return NULL;
+	}
+	
+       key = copied_key =
+ 	memcpy (tmp + __alignof__ (md5_uint32)
+ 		- (tmp - (char *) 0) % __alignof__ (md5_uint32),
+@@ -142,7 +158,10 @@ __md5_crypt_r (key, salt, buffer, buflen
+   /* Initialize libfreebl3.  */
+   NSSLOWInitContext *nss_ictx = NSSLOW_Init ();
+   if (nss_ictx == NULL)
+-    return NULL;
+    {
+      free (free_key);
+      return NULL;
+    }
+   NSSLOWHASHContext *nss_ctx = NULL;
+   NSSLOWHASHContext *nss_alt_ctx = NULL;
+ #else
+@@ -296,6 +315,7 @@ __md5_crypt_r (key, salt, buffer, buflen
+   if (copied_salt != NULL)
+     memset (copied_salt, '\0', salt_len);
+ 
+  free (free_key);
+   return buffer;
+ }
+ 
+diff -rup c/crypt/sha256-crypt.c d/crypt/sha256-crypt.c
+--- c/crypt/sha256-crypt.c	2012-01-01 05:16:32.000000000 -0700
+++ d/crypt/sha256-crypt.c	2012-03-27 11:58:55.823809542 -0600
+@@ -123,6 +123,9 @@ __sha256_crypt_r (key, salt, buffer, buf
+   /* Default number of rounds.  */
+   size_t rounds = ROUNDS_DEFAULT;
+   bool rounds_custom = false;
+  size_t alloca_used = 0;
+  char *free_key = NULL;
+  char *free_pbytes = NULL;
+ 
+   /* Find beginning of salt string.  The prefix should normally always
+      be present.  Just in case it is not.  */
+@@ -149,7 +152,17 @@ __sha256_crypt_r (key, salt, buffer, buf
+ 
+   if ((key - (char *) 0) % __alignof__ (uint32_t) != 0)
+     {
+-      char *tmp = (char *) alloca (key_len + __alignof__ (uint32_t));
+      char *tmp;
+
+      if (__libc_use_alloca (key_len + __alignof__ (uint32_t)))
+	tmp = alloca_account (key_len + __alignof__ (uint32_t), alloca_used);
+      else
+	{
+	  free_key = tmp = (char *) malloc (key_len + __alignof__ (uint32_t));
+	  if (tmp == NULL)
+	    return NULL;
+	}
+	
+       key = copied_key =
+ 	memcpy (tmp + __alignof__ (uint32_t)
+ 		- (tmp - (char *) 0) % __alignof__ (uint32_t),
+@@ -160,6 +179,7 @@ __sha256_crypt_r (key, salt, buffer, buf
+   if ((salt - (char *) 0) % __alignof__ (uint32_t) != 0)
+     {
+       char *tmp = (char *) alloca (salt_len + __alignof__ (uint32_t));
+      alloca_used += salt_len + __alignof__ (uint32_t);
+       salt = copied_salt =
+ 	memcpy (tmp + __alignof__ (uint32_t)
+ 		- (tmp - (char *) 0) % __alignof__ (uint32_t),
+@@ -171,7 +191,10 @@ __sha256_crypt_r (key, salt, buffer, buf
+   /* Initialize libfreebl3.  */
+   NSSLOWInitContext *nss_ictx = NSSLOW_Init ();
+   if (nss_ictx == NULL)
+-    return NULL;
+    {
+      free (free_key);
+      return NULL;
+    }
+   NSSLOWHASHContext *nss_ctx = NULL;
+   NSSLOWHASHContext *nss_alt_ctx = NULL;
+ #else
+@@ -233,8 +256,19 @@ __sha256_crypt_r (key, salt, buffer, buf
+   /* Finish the digest.  */
+   sha256_finish_ctx (&alt_ctx, nss_alt_ctx, temp_result);
+ 
+-  /* Create byte sequence P.  */
+-  cp = p_bytes = alloca (key_len);
+  /* Create byte sequence P.  */
+  if (__libc_use_alloca (alloca_used + key_len))
+    cp = p_bytes = (char *) alloca (key_len);
+  else
+    {
+      free_pbytes = cp = p_bytes = (char *)malloc (key_len);
+      if (free_pbytes == NULL)
+	{
+	  free (free_key);
+	  return NULL;
+	}
+    }
+	
+   for (cnt = key_len; cnt >= 32; cnt -= 32)
+     cp = mempcpy (cp, temp_result, 32);
+   memcpy (cp, temp_result, cnt);
+@@ -362,6 +401,8 @@ __sha256_crypt_r (key, salt, buffer, buf
+   if (copied_salt != NULL)
+     memset (copied_salt, '\0', salt_len);
+ 
+  free (free_key);
+  free (free_pbytes);
+   return buffer;
+ }
+ 
+diff -rup c/crypt/sha512-crypt.c d/crypt/sha512-crypt.c
+--- c/crypt/sha512-crypt.c	2012-01-01 05:16:32.000000000 -0700
+++ d/crypt/sha512-crypt.c	2012-03-27 12:10:08.895097239 -0600
+@@ -123,6 +123,9 @@ __sha512_crypt_r (key, salt, buffer, buf
+   /* Default number of rounds.  */
+   size_t rounds = ROUNDS_DEFAULT;
+   bool rounds_custom = false;
+  size_t alloca_used = 0;
+  char *free_key = NULL;
+  char *free_pbytes = NULL;
+ 
+   /* Find beginning of salt string.  The prefix should normally always
+      be present.  Just in case it is not.  */
+@@ -149,7 +152,17 @@ __sha512_crypt_r (key, salt, buffer, buf
+ 
+   if ((key - (char *) 0) % __alignof__ (uint64_t) != 0)
+     {
+-      char *tmp = (char *) alloca (key_len + __alignof__ (uint64_t));
+      char *tmp;
+
+      if (__libc_use_alloca (key_len + __alignof__ (uint64_t)))
+	tmp = alloca_account (key_len + __alignof__ (uint64_t), alloca_used);
+      else
+	{
+	  free_key = tmp = (char *) malloc (key_len + __alignof__ (uint64_t));
+	  if (tmp == NULL)
+	    return NULL;
+	}
+	
+       key = copied_key =
+ 	memcpy (tmp + __alignof__ (uint64_t)
+ 		- (tmp - (char *) 0) % __alignof__ (uint64_t),
+@@ -171,7 +190,10 @@ __sha512_crypt_r (key, salt, buffer, buf
+   /* Initialize libfreebl3.  */
+   NSSLOWInitContext *nss_ictx = NSSLOW_Init ();
+   if (nss_ictx == NULL)
+-    return NULL;
+    {
+      free (free_key);
+      return NULL;
+    }
+   NSSLOWHASHContext *nss_ctx = NULL;
+   NSSLOWHASHContext *nss_alt_ctx = NULL;
+ #else
+@@ -233,8 +255,19 @@ __sha512_crypt_r (key, salt, buffer, buf
+   /* Finish the digest.  */
+   sha512_finish_ctx (&alt_ctx, nss_alt_ctx, temp_result);
+ 
+-  /* Create byte sequence P.  */
+-  cp = p_bytes = alloca (key_len);
+  /* Create byte sequence P.  */
+  if (__libc_use_alloca (alloca_used + key_len))
+    cp = p_bytes = (char *) alloca (key_len);
+  else
+    {
+      free_pbytes = cp = p_bytes = (char *)malloc (key_len);
+      if (free_pbytes == NULL)
+	{
+	  free (free_key);
+	  return NULL;
+	}
+    }
+	
+   for (cnt = key_len; cnt >= 64; cnt -= 64)
+     cp = mempcpy (cp, temp_result, 64);
+   memcpy (cp, temp_result, cnt);
+@@ -374,6 +412,8 @@ __sha512_crypt_r (key, salt, buffer, buf
+   if (copied_salt != NULL)
+     memset (copied_salt, '\0', salt_len);
+ 
+  free (free_key);
+  free (free_pbytes);
+   return buffer;
+ }
+ 
+ 
+ 
--- a/glibc.spec
+++ b/glibc.spec
@ -125,6 +125,8 @@ Patch45 : %{name}-rh803286.patch
 Patch46 : %{name}-rh806403.patch
 # Submitted upstream, BZ 13594
 Patch47 : %{name}-rh806070.patch
+# Submitted upstream
+Patch48 : %{name}-rh804792.patch


 Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
@ -391,6 +393,7 @@ rm -rf %{glibcportsdir}
 %patch45 -p1
 %patch46 -p1
 %patch47 -p1
+%patch48 -p1

 # A lot of programs still misuse memcpy when they have to use
 # memmove. The memcpy implementation below is not tolerant at
@ -1244,6 +1247,7 @@ rm -f *.filelist*

 %changelog
 * Tue Mar 27 2012 Jeff Law <law@redhat.com> - 2.15-30
+  - Avoid unbound alloca usage in *-crypt routines (#804792)
  - Fix data race in nscd (#806070)

 * Fri Mar 23 2012 Jeff Law <law@redhat.com> - 2.15-29