rpms/krb5
7
0
Fork 0
Code Issues Pull Requests Releases Activity

Fix xdr_bytes() strict-aliasing violations

Browse Source
This commit is contained in:
Robbie Harwood 2020-01-06 16:36:41 -05:00
parent fd463aed6a
commit 2496b50d00
2 changed files with 143 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

138
Fix-xdr_bytes-strict-aliasing-violations.patch Normal file
View File

@ -0,0 +1,138 @@
From e48e04d955c809c6f7b4f9052294d407f0d93daa Mon Sep 17 00:00:00 2001
From: Greg Hudson <ghudson@mit.edu>
Date: Tue, 10 Dec 2019 12:06:05 -0500
Subject: [PATCH] Fix xdr_bytes() strict-aliasing violations
When xdr_bytes() is used for a gss_buffer_desc object, a temporary
character pointer must be used for the data value to avoid a strict
aliasing violation.
When xdr_bytes() is used for a krb5_keyblock object, a temporary
character pointer must also be used, even though the data pointer is
of type unsigned char *, to avoid a clang warning on macOS due to the
"#pragma pack" declaration in krb5.h.
(cherry picked from commit 21b39d0196e3e0bb6b1bfbf5d60a0596cfc82e27)
---
src/lib/kadm5/kadm_rpc_xdr.c | 8 +++++---
src/lib/rpc/auth_gssapi_misc.c | 21 +++++++++++++--------
src/lib/rpc/authgss_prot.c | 5 ++++-
3 files changed, 22 insertions(+), 12 deletions(-)
diff --git a/src/lib/kadm5/kadm_rpc_xdr.c b/src/lib/kadm5/kadm_rpc_xdr.c
index f22ea7f1f..8383e4e23 100644
--- a/src/lib/kadm5/kadm_rpc_xdr.c
+++ b/src/lib/kadm5/kadm_rpc_xdr.c
@@ -1125,14 +1125,16 @@ xdr_krb5_salttype(XDR *xdrs, krb5_int32 *objp)
bool_t
xdr_krb5_keyblock(XDR *xdrs, krb5_keyblock *objp)
{
+ char *cp;
+
/* XXX This only works because free_keyblock assumes ->contents
is allocated by malloc() */
-
if(!xdr_krb5_enctype(xdrs, &objp->enctype))
return FALSE;
- if(!xdr_bytes(xdrs, (char **) &objp->contents, (unsigned int *)
- &objp->length, ~0))
+ cp = (char *)objp->contents;
+ if(!xdr_bytes(xdrs, &cp, &objp->length, ~0))
return FALSE;
+ objp->contents = (uint8_t *)cp;
return TRUE;
}
diff --git a/src/lib/rpc/auth_gssapi_misc.c b/src/lib/rpc/auth_gssapi_misc.c
index a05ea19eb..a60eb7f7c 100644
--- a/src/lib/rpc/auth_gssapi_misc.c
+++ b/src/lib/rpc/auth_gssapi_misc.c
@@ -45,9 +45,11 @@ bool_t xdr_gss_buf(
bool_t result;
/* Fix type mismatches between APIs. */
unsigned int length = buf->length;
- result = xdr_bytes(xdrs, (char **) &buf->value, &length,
+ char *cp = buf->value;
+ result = xdr_bytes(xdrs, &cp, &length,
(xdrs->x_op == XDR_DECODE && buf->value == NULL)
? (unsigned int) -1 : (unsigned int) buf->length);
+ buf->value = cp;
buf->length = length;
return result;
}
@@ -204,6 +206,7 @@ bool_t auth_gssapi_wrap_data(
XDR temp_xdrs;
int conf_state;
unsigned int length;
+ char *cp;
PRINTF(("gssapi_wrap_data: starting\n"));
@@ -243,13 +246,13 @@ bool_t auth_gssapi_wrap_data(
/* write the token */
length = out_buf.length;
- if (! xdr_bytes(out_xdrs, (char **) &out_buf.value,
- (unsigned int *) &length,
- out_buf.length)) {
+ cp = out_buf.value;
+ if (! xdr_bytes(out_xdrs, &cp, &length, out_buf.length)) {
PRINTF(("gssapi_wrap_data: serializing encrypted data failed\n"));
XDR_DESTROY(&temp_xdrs);
return FALSE;
}
+ out_buf.value = cp;
*major = gss_release_buffer(minor, &out_buf);
@@ -272,6 +275,7 @@ bool_t auth_gssapi_unwrap_data(
uint32_t verf_seq_num;
int conf, qop;
unsigned int length;
+ char *cp;
PRINTF(("gssapi_unwrap_data: starting\n"));
@@ -280,14 +284,15 @@ bool_t auth_gssapi_unwrap_data(
in_buf.value = NULL;
out_buf.value = NULL;
- if (! xdr_bytes(in_xdrs, (char **) &in_buf.value,
- &length, (unsigned int) -1)) {
+ cp = in_buf.value;
+ if (! xdr_bytes(in_xdrs, &cp, &length, (unsigned int) -1)) {
PRINTF(("gssapi_unwrap_data: deserializing encrypted data failed\n"));
temp_xdrs.x_op = XDR_FREE;
- (void)xdr_bytes(&temp_xdrs, (char **) &in_buf.value, &length,
- (unsigned int) -1);
+ (void)xdr_bytes(&temp_xdrs, &cp, &length, (unsigned int) -1);
+ in_buf.value = NULL;
return FALSE;
}
+ in_buf.value = cp;
in_buf.length = length;
*major = gss_unseal(minor, context, &in_buf, &out_buf, &conf,
diff --git a/src/lib/rpc/authgss_prot.c b/src/lib/rpc/authgss_prot.c
index a5a587f90..9a48277b3 100644
--- a/src/lib/rpc/authgss_prot.c
+++ b/src/lib/rpc/authgss_prot.c
@@ -50,6 +50,7 @@ xdr_rpc_gss_buf(XDR *xdrs, gss_buffer_t buf, u_int maxsize)
{
bool_t xdr_stat;
u_int tmplen;
+ char *cp;
if (xdrs->x_op != XDR_DECODE) {
if (buf->length > UINT_MAX)
@@ -57,7 +58,9 @@ xdr_rpc_gss_buf(XDR *xdrs, gss_buffer_t buf, u_int maxsize)
else
tmplen = buf->length;
}
- xdr_stat = xdr_bytes(xdrs, (char **)&buf->value, &tmplen, maxsize);
+ cp = buf->value;
+ xdr_stat = xdr_bytes(xdrs, &cp, &tmplen, maxsize);
+ buf->value = cp;
if (xdr_stat && xdrs->x_op == XDR_DECODE)
buf->length = tmplen;

6
krb5.spec
View File

@ -18,7 +18,7 @@ Summary: The Kerberos network authentication system
Name: krb5
Version: 1.17.1
# for prerelease, should be e.g., 0.% {prerelease}.1% { ?dist } (without spaces)
Release: 3%{?dist}
Release: 4%{?dist}
# rharwood has trust path to signing key and verifies on check-in
Source0: https://web.mit.edu/kerberos/dist/krb5/1.17/krb5-%{version}%{prerelease}.tar.gz
@ -118,6 +118,7 @@ Patch170: krb5-1.17post6-FIPS-with-PRNG-and-RADIUS-and-MD4.patch
Patch171: Don-t-warn-in-kadmin-when-no-policy-is-specified.patch
Patch172: Allow-client-canonicalization-in-non-krbtgt-AS-REP.patch
Patch173: Do-not-always-canonicalize-enterprise-principals.patch
Patch174: Fix-xdr_bytes-strict-aliasing-violations.patch
License: MIT
URL: https://web.mit.edu/kerberos/www/
@ -691,6 +692,9 @@ exit 0
%{_libdir}/libkadm5srv_mit.so.*
%changelog
* Mon Jan 06 2020 Robbie Harwood <rharwood@redhat.com> - 1.17.1-4
- Fix xdr_bytes() strict-aliasing violations
* Fri Jan 03 2020 Robbie Harwood <rharwood@redhat.com> - 1.17.1-3
- Don't warn in kadmin when no policy is specified
- Do not always canonicalize enterprise principals