From e6419fa017cbcae67b6f802cfa8a168a06439f3f Mon Sep 17 00:00:00 2001 From: Vladis Dronov Date: Tue, 23 Nov 2021 20:39:34 +0100 Subject: [PATCH] Fix a security issue in jitterentropy library Resolves: rhbz#2015560 Signed-off-by: Vladis Dronov --- jitterentropy-fix-ec-check.patch | 18 ++++++------------ jitterentropy.spec | 5 +++-- tests/README | 2 +- 3 files changed, 10 insertions(+), 15 deletions(-) diff --git a/jitterentropy-fix-ec-check.patch b/jitterentropy-fix-ec-check.patch index 4b3a8c7..3b2757d 100644 --- a/jitterentropy-fix-ec-check.patch +++ b/jitterentropy-fix-ec-check.patch @@ -1,26 +1,20 @@ diff -up src/jitterentropy-noise.c.orig src/jitterentropy-noise.c --- src/jitterentropy-noise.c 2021-11-23 15:42:47.809329173 +0100 +++ src/jitterentropy-noise.c 2021-11-23 15:44:19.820499338 +0100 -@@ -188,16 +188,18 @@ static void jent_memaccess(struct rand_d +@@ -188,7 +188,7 @@ static void jent_memaccess(struct rand_data *ec, uint64_t loop_cnt) uint32_t u[4]; uint8_t b[sizeof(uint32_t) * 4]; } prngState = { .u = {0x8e93eec0, 0xce65608a, 0xa8d46b46, 0xe83cef69} }; - uint32_t addressMask = ec->memmask; + uint32_t addressMask; -+ -+ if (NULL == ec || NULL == ec->mem) -+ return; -+ -+ addressMask = ec->memmask; /* Ensure that macros cannot overflow jent_loop_shuffle() */ BUILD_BUG_ON((MAX_ACC_LOOP_BIT + MIN_ACC_LOOP_BIT) > 63); - uint64_t acc_loop_cnt = - jent_loop_shuffle(ec, MAX_ACC_LOOP_BIT, MIN_ACC_LOOP_BIT); +@@ -197,6 +197,7 @@ static void jent_memaccess(struct rand_data *ec, uint64_t loop_cnt) + + if (NULL == ec || NULL == ec->mem) + return; ++ addressMask = ec->memmask; -- if (NULL == ec || NULL == ec->mem) -- return; -- /* * Mix the current data into prngState - * diff --git a/jitterentropy.spec b/jitterentropy.spec index 632333a..a3f43ec 100644 --- a/jitterentropy.spec +++ b/jitterentropy.spec @@ -1,6 +1,6 @@ Name: jitterentropy Version: 3.3.1 -Release: 1%{?dist} +Release: 2%{?dist} Summary: Library implementing the jitter entropy source License: BSD or GPLv2 @@ -47,8 +47,9 @@ mkdir -p %{buildroot}/usr/include/ %{_mandir}/man3/* %changelog -* Tue Nov 23 2021 Vladis Dronov - 3.3.1-1 +* Tue Nov 23 2021 Vladis Dronov - 3.3.1-2 - Update to the upstream v3.3.1 @ 887c9871 (bz 2015560) +- Fix a security issue found by a covscan in jitterentropy library * Mon Aug 09 2021 Mohan Boddu - 3.0.2-3.git.409828cf - Rebuilt for IMA sigs, glibc 2.34, aarch64 flags diff --git a/tests/README b/tests/README index 88548b8..ae71c9e 100644 --- a/tests/README +++ b/tests/README @@ -1,2 +1,2 @@ jitterentropy library does not really have tests. -it is tested as a part of rng-tools tests. \ No newline at end of file +it is tested as a part of rng-tools tests.