rpms/rng-tools
7
0
Fork 0
Code Issues Pull Requests Releases Activity

Update to the upstream v6.13 @d207e0b6

Browse Source 
- Update to the upstream v6.13 + tip of origin/master + onecpu
  branch + revert of 2ce93190 (bz 1965318)
- Rebuild rng-tools against the latest jitterentropy library
  3.0.2-2.git.409828cf with fixes for an important issue
- Adjust Source0 to a more proper one

Resolves: rhbz#1965318

Signed-off-by: Vladis Dronov <vdronov@redhat.com>
This commit is contained in:
Vladis Dronov 2021-07-22 14:03:20 +02:00
parent 0e48f2301e
commit f225139b99
10 changed files with 11 additions and 773 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

45
0001-Use-AM_PROG_AR-over-AC_CHECK_TOOLS.patch
View File

@ -1,45 +0,0 @@
From 16b728f9a5bb138386fa770de817ec244a158be5 Mon Sep 17 00:00:00 2001
From: David Seifert <soap@gentoo.org>
Date: Sat, 12 Jun 2021 22:15:06 +0200
Subject: Use `AM_PROG_AR` over `AC_CHECK_TOOLS`
* `AM_PROG_AR` is the canonical way to detect the archiver
and includes workarounds for Cygwin.
Signed-off-by: Vladis Dronov <vdronov@redhat.com>
---
.gitignore | 1 +
configure.ac | 3 +--
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/.gitignore b/.gitignore
index 0df9347..5dc334d 100644
--- a/.gitignore
+++ b/.gitignore
@@ -2,6 +2,7 @@
*.o
/.deps/
/aclocal.m4
+/ar-lib
/autom4te.cache/
/compile
/config.guess
diff --git a/configure.ac b/configure.ac
index 5b4f2cb..1cb7fd7 100644
--- a/configure.ac
+++ b/configure.ac
@@ -62,10 +62,9 @@ AM_PROG_AS
dnl Checks for programs
AC_PROG_CC
AC_PROG_RANLIB
+AM_PROG_AR
AC_PROG_GCC_TRADITIONAL
-AC_CHECK_TOOLS([AR], [ar gar], :)
-
AX_PTHREAD
AM_CONDITIONAL([RDRAND], [test $target_cpu = x86_64 -o $target_cpu = i686])
--
2.26.3

52
0003-AC_CANONICAL_TARGET-AC_CANONICAL_HOST.patch
View File

@ -1,52 +0,0 @@
From 3adf2613e262efbda0a3455e59c8cb3390271563 Mon Sep 17 00:00:00 2001
From: David Seifert <soap@gentoo.org>
Date: Sat, 12 Jun 2021 22:15:12 +0200
Subject: `AC_CANONICAL_TARGET` -> `AC_CANONICAL_HOST`
* `AC_CANONICAL_TARGET` is the type of system for which code
will be produced, not on which it will run. This is a common
confusion with Autoconf's target triplet.
Signed-off-by: Vladis Dronov <vdronov@redhat.com>
---
configure.ac | 15 ++++++++-------
1 file changed, 8 insertions(+), 7 deletions(-)
diff --git a/configure.ac b/configure.ac
index 1cb7fd7..0fe06fc 100644
--- a/configure.ac
+++ b/configure.ac
@@ -20,7 +20,8 @@ dnl Foundation, Inc., 51 Franklin Street, Suite 500, Boston, MA 02110-1335 USA
AC_INIT(rng-tools, 6.13, [Neil Horman <nhorman@tuxdriver.com>])
AC_PREREQ(2.52)
AC_CONFIG_SRCDIR([rngd.c])
-AC_CANONICAL_TARGET
+AC_CANONICAL_HOST
+AC_CANONICAL_TARGET dnl required for broken AX_PTHREAD
AM_INIT_AUTOMAKE([foreign])
AC_CONFIG_HEADERS([rng-tools-config.h])
AC_CONFIG_MACRO_DIRS([m4])
@@ -67,14 +68,14 @@ AC_PROG_GCC_TRADITIONAL
AX_PTHREAD
-AM_CONDITIONAL([RDRAND], [test $target_cpu = x86_64 -o $target_cpu = i686])
-AS_IF([test $target_cpu = x86_64 -o $target_cpu = i686], [AC_DEFINE([HAVE_RDRAND],1,[Enable RDRAND])],[])
+AM_CONDITIONAL([RDRAND], [test $host_cpu = x86_64 || $host_cpu = i686])
+AS_IF([test $host_cpu = x86_64 || $host_cpu = i686], [AC_DEFINE([HAVE_RDRAND],1,[Enable RDRAND])],[])
-AM_CONDITIONAL([DARN], [test $target_cpu = powerpc64le])
-AS_IF([test $target_cpu = powerpc64le], [AC_DEFINE([HAVE_DARN],1,[Enable DARN])],[])
+AM_CONDITIONAL([DARN], [test $host_cpu = powerpc64le])
+AS_IF([test $host_cpu = powerpc64le], [AC_DEFINE([HAVE_DARN],1,[Enable DARN])],[])
-AM_CONDITIONAL([RNDR], [test $target_cpu = aarch64])
-AS_IF([test $target_cpu = aarch64], [AC_DEFINE([HAVE_RNDR],1,[Enable RNDR])],[])
+AM_CONDITIONAL([RNDR], [test $host_cpu = aarch64])
+AS_IF([test $host_cpu = aarch64], [AC_DEFINE([HAVE_RNDR],1,[Enable RNDR])],[])
AM_CONDITIONAL([JITTER], [false])
AC_ARG_ENABLE(jitterentropy,
--
2.26.3

69
0004-Fix-logic-in-ossl_aes_random_key.patch
View File

@ -1,69 +0,0 @@
From 73e81dc78ddb6f1bc0d8750c1a9e19e6cc123d48 Mon Sep 17 00:00:00 2001
From: Vladis Dronov <vdronov@redhat.com>
Date: Sat, 12 Jun 2021 09:16:25 +0200
Subject: Fix logic in ossl_aes_random_key()
- Using sizeof is correct for arr[], but is not correct for *ptr. read() here
makes a 8-bytes read (on 64-bit arch). It should read AES_BLOCK bytes instead,
as callers of ossl_aes_random_key() imply.
Covscan emits the following warning:
Error: SIZEOF_MISMATCH (CWE-398): [#def1]
rng-tools-6.12/ossl_helpers.c:51: suspicious_sizeof: Passing argument "key" of
type "unsigned char *" and argument "8UL /* sizeof (key) */" to function "read"
is suspicious.
51|-> int r = read(fd, key, sizeof key);
- According to the following warning, mark r as not used explicitly:
Error: CLANG_WARNING: [#def2]
rng-tools-6.12/ossl_helpers.c:51:7: warning[deadcode.DeadStores]: Value stored
to 'r' during its initialization is never read
51|-> int r = read(fd, key, sizeof key);
- Add volatile to stack_junk to avoid possible compiler optimization. This does
not silence "Uninitialized variable: stack_junk" covscan warning.
- Remove a check for pepper == NULL where it is not needed.
Signed-off-by: Vladis Dronov <vdronov@redhat.com>
---
ossl_helpers.c | 9 +++++----
1 file changed, 5 insertions(+), 4 deletions(-)
diff --git a/ossl_helpers.c b/ossl_helpers.c
index c3c1fbb..9569b74 100644
--- a/ossl_helpers.c
+++ b/ossl_helpers.c
@@ -42,22 +42,23 @@ void ossl_aes_random_key(unsigned char *key, const unsigned char *pepper)
0x00,0x10,0x20,0x30,0x40,0x50,0x60,0x70,
0x80,0x90,0xa0,0xb0,0xc0,0xd0,0xe0,0xf0
}; /* AES data reduction key */
- unsigned char stack_junk[AES_BLOCK];
+ volatile unsigned char stack_junk[AES_BLOCK];
int fd, i;
/* Try getting some randomness from the kernel */
fd = open("/dev/urandom", O_RDONLY);
if (fd >= 0) {
- int r = read(fd, key, sizeof key);
+ int r __attribute__((unused));
+ r = read(fd, key, AES_BLOCK);
close(fd);
}
/* Mix in our default key */
- for (i = 0; i < AES_BLOCK && pepper; i++)
+ for (i = 0; i < AES_BLOCK; i++)
key[i] ^= default_key[i];
/* Mix in stack junk */
- for (i = 0; i < AES_BLOCK && pepper; i++)
+ for (i = 0; i < AES_BLOCK; i++)
key[i] ^= stack_junk[i];
/* Spice it up if we can */
--
2.26.3

44
0005-Fix-a-read-returning-zero-case-in-init_entropy_sourc.patch
View File

@ -1,44 +0,0 @@
From 8659477ea65b1617332efee6da4c533137870577 Mon Sep 17 00:00:00 2001
From: Vladis Dronov <vdronov@redhat.com>
Date: Sat, 12 Jun 2021 09:00:42 +0200
Subject: Fix a read() returning zero case in init_entropy_source()
Covscan warns about this with:
Error: CHECKED_RETURN (CWE-252): [#def3]
rng-tools-6.12/rngd_entsource.c:185: check_return: "read(int, void *,
size_t)" returns the number of bytes read, but it is ignored.
185|-> if (read(rngavail_fd, buf, sizeof(buf)) < 0) {
Add a check for a zero return. While this should not happen, lets just
handle the case, also to silence covscan.
Signed-off-by: Vladis Dronov <vdronov@redhat.com>
---
rngd_entsource.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/rngd_entsource.c b/rngd_entsource.c
index f54ee40..e5b7d43 100644
--- a/rngd_entsource.c
+++ b/rngd_entsource.c
@@ -182,13 +182,14 @@ int init_entropy_source(struct rng *ent_src)
return 1;
}
- if (read(rngavail_fd, buf, sizeof(buf)) < 0) {
+ int ret = read(rngavail_fd, buf, sizeof(buf));
+ if (ret < 0) {
message_entsrc(ent_src,LOG_DAEMON|LOG_DEBUG, "Error reading sysfs file: %s\n", RNG_AVAIL);
close(rngavail_fd);
return 1;
}
- if (strncmp(buf, "\n", 1) == 0) {
+ if (ret == 0 || strncmp(buf, "\n", 1) == 0) {
message_entsrc(ent_src,LOG_DAEMON|LOG_DEBUG, "No available rng device\n");
close(rngavail_fd);
return 1;
--
2.26.3

78
0006-Fix-minor-possibilities-of-using-a-NULL-pointer.patch
View File

@ -1,78 +0,0 @@
From e4a94ad5d4ea8e5663f1e5d71669317b16105945 Mon Sep 17 00:00:00 2001
From: Vladis Dronov <vdronov@redhat.com>
Date: Sat, 12 Jun 2021 13:11:19 +0200
Subject: Fix minor possibilities of using a NULL pointer
Fix the following covscan warnings by performing a check for a NULL:
1) Add a check for NULL to message_entsrc macro:
Error: GCC_ANALYZER_WARNING (CWE-688):
rng-tools-6.12/rngd_rdrand.c: scope_hint: In function 'init_drng_entropy_source'
rng-tools-6.12/rngd.h:186:9: warning[-Wanalyzer-possible-null-argument]: use of
possibly-NULL '____buf' where non-null expected
/usr/include/stdio.h:334:12: note: argument 1 of 'sprintf' must be non-null
184| size_t ____neededmsg = snprintf(NULL, 0, fmt, ##args) + 1; \
185| char *____buf = malloc(____neededpfx + ____neededmsg); \
186|-> sprintf(____buf, "[%-6s]: " fmt, src->rng_sname, ##args); \
2) Move memset() in xread_tpm() to a proper place:
Error: NULL_RETURNS (CWE-476): [#def3]
rng-tools-6.12/rngd_entsource.c:96: returned_null: "malloc" returns "NULL"
(checked 89 out of 95 times).
rng-tools-6.12/rngd_entsource.c:96: var_assigned: Assigning: "temp_buf" =
"NULL" return value from "malloc".
rng-tools-6.12/rngd_entsource.c:97: dereference: Dereferencing a pointer
that might be "NULL" "temp_buf" when calling "memset".
96| temp_buf = (unsigned char *) malloc(size + TPM_GET_RNG_OVERHEAD);
97|-> memset(temp_buf, 0, (size+TPM_GET_RNG_OVERHEAD));
98| if (temp_buf == NULL) {
Signed-off-by: Vladis Dronov <vdronov@redhat.com>
---
rngd.h | 8 +++++---
rngd_entsource.c | 3 ++-
2 files changed, 7 insertions(+), 4 deletions(-)
diff --git a/rngd.h b/rngd.h
index 6208b95..7d65f3c 100644
--- a/rngd.h
+++ b/rngd.h
@@ -184,9 +184,11 @@ extern bool quiet;
size_t ____neededpfx = snprintf(NULL, 0, "[%-6s]: ", src->rng_sname); \
size_t ____neededmsg = snprintf(NULL, 0, fmt, ##args) + 1; \
char *____buf = malloc(____neededpfx + ____neededmsg); \
- sprintf(____buf, "[%-6s]: " fmt, src->rng_sname, ##args); \
- message(priority, "%s", ____buf); \
- free(____buf); \
+ if (____buf) { \
+ sprintf(____buf, "[%-6s]: " fmt, src->rng_sname, ##args); \
+ message(priority, "%s", ____buf); \
+ free(____buf); \
+ } \
} while (0)
extern bool do_reseed;
diff --git a/rngd_entsource.c b/rngd_entsource.c
index e5b7d43..b7ebd15 100644
--- a/rngd_entsource.c
+++ b/rngd_entsource.c
@@ -94,12 +94,13 @@ int xread_tpm(void *buf, size_t size, struct rng *ent_src)
}
temp_buf = (unsigned char *) malloc(size + TPM_GET_RNG_OVERHEAD);
- memset(temp_buf, 0, (size+TPM_GET_RNG_OVERHEAD));
if (temp_buf == NULL) {
message_entsrc(ent_src,LOG_ERR|LOG_INFO,"No memory for TPM buffer\n");
close(ent_src->rng_fd);
return -1;
}
+ memset(temp_buf, 0, (size+TPM_GET_RNG_OVERHEAD));
+
/* 32 bits has been reserved for random byte size */
rng_cmd[13] = (unsigned char)(size & 0xFF);
rng_cmd[12] = (unsigned char)((size >> 8) & 0xFF);
--
2.26.3

185
0007-Small-bug-and-warning-fixes-per-covscan-report.patch
View File

@ -1,185 +0,0 @@
From 2d244c6b5aea8f1a8e70307540d9d95b8111a242 Mon Sep 17 00:00:00 2001
From: Vladis Dronov <vdronov@redhat.com>
Date: Mon, 14 Jun 2021 14:04:27 +0200
Subject: Small bug and warning fixes per covscan report
- Fix a strncpy() bug.
- Remove unused variables.
- A small formatting fix.
- Fix signedness warnings.
- Add parenthesis to definitions of CHUNK_SIZE.
- Adjust default_watermark() so wm is set to a default value in all cases.
Also add logging the same way it was done in init_kernel_rng().
Signed-off-by: Vladis Dronov <vdronov@redhat.com>
---
rngd_darn.c | 4 ++--
rngd_jitter.c | 3 +--
rngd_linux.c | 31 ++++++++++++++++++++++---------
rngd_rdrand.c | 2 --
rngd_rndr.c | 2 +-
rngd_rtlsdr.c | 6 +++---
stats.c | 2 +-
7 files changed, 30 insertions(+), 20 deletions(-)
diff --git a/rngd_darn.c b/rngd_darn.c
index bc8edec..5254195 100644
--- a/rngd_darn.c
+++ b/rngd_darn.c
@@ -46,9 +46,9 @@ static uint64_t get_darn();
static int refill_rand(struct rng *ent_src, bool allow_reinit);
static size_t copy_avail_rand_to_buf(unsigned char *buf, size_t size, size_t copied);
-#define CHUNK_SIZE AES_BLOCK * 8
+#define CHUNK_SIZE (AES_BLOCK*8)
#define RDRAND_ROUNDS 512 /* 512:1 data reduction */
-#define THRESH_BITS 14
+#define THRESH_BITS 14
/* ossl AES context */
static struct ossl_aes_ctx *ossl_ctx;
diff --git a/rngd_jitter.c b/rngd_jitter.c
index b68c791..7403c02 100644
--- a/rngd_jitter.c
+++ b/rngd_jitter.c
@@ -128,7 +128,7 @@ int pipefds[2];
unsigned char *aes_buf;
-static char key[AES_BLOCK];
+static unsigned char key[AES_BLOCK];
static unsigned char iv_buf[CHUNK_SIZE] __attribute__((aligned(128)));
static struct ossl_aes_ctx *ossl_ctx;
@@ -322,7 +322,6 @@ int validate_jitter_options(struct rng *ent_src)
int delay = ent_src->rng_options[JITTER_OPT_RETRY_DELAY].int_val;
int rcount = ent_src->rng_options[JITTER_OPT_RETRY_COUNT].int_val;
int soft_timer = ent_src->rng_options[JITTER_OPT_FORCE_INT_TIMER].int_val;
- int num_threads = ent_src->rng_options[JITTER_OPT_THREADS].int_val;
/* Need at least one thread to do this work */
if (!threads) {
diff --git a/rngd_linux.c b/rngd_linux.c
index cf4fcdf..c52c62d 100644
--- a/rngd_linux.c
+++ b/rngd_linux.c
@@ -56,22 +56,35 @@ extern int kent_pool_size;
/*
* Get the default watermark
*/
+
+#define DEFAULT_WATERMARK_GUESS 4096
+
int default_watermark(void)
{
FILE *f;
- unsigned int wm; /* Default guess */
+ unsigned int wm;
f = fopen("/proc/sys/kernel/random/poolsize", "r");
- if (!f)
+ if (!f) {
+ wm = DEFAULT_WATERMARK_GUESS;
+ message(LOG_DAEMON|LOG_ERR, "can't open /proc/sys/kernel/random/poolsize: %s",
+ strerror(errno));
goto err;
- /*
- * Default to 4096 if fscanf fails
- */
- if(fscanf(f,"%u", &wm) < 1)
- wm = 4096;
+ }
+
+ /* Use DEFAULT_WATERMARK_GUESS if fscanf fails */
+ if(fscanf(f,"%u", &wm) < 1) {
+ wm = DEFAULT_WATERMARK_GUESS;
+ message(LOG_DAEMON|LOG_ERR, "can't read /proc/sys/kernel/random/poolsize: %s",
+ strerror(errno));
+ }
+
+err:
kent_pool_size = wm;
wm = wm*3/4;
-err:
+ message(LOG_DAEMON|LOG_ERR, "kernel entropy pool size: %d pool watermark: %d",
+ kent_pool_size, wm);
+
if (f)
fclose(f);
return wm;
@@ -153,7 +166,7 @@ int random_add_entropy(void *buf, size_t size)
} else
write(random_fd, buf, size);
- return ent->ent_count;
+ return ent->ent_count;
}
diff --git a/rngd_rdrand.c b/rngd_rdrand.c
index cba27a9..caa9d05 100644
--- a/rngd_rdrand.c
+++ b/rngd_rdrand.c
@@ -243,8 +243,6 @@ int init_drng_entropy_source(struct rng *ent_src)
const uint32_t features_ebx7_rdseed = 1 << 18;
uint32_t max_cpuid_leaf;
unsigned char xkey[AES_BLOCK]; /* Material to XOR into the key */
- int fd;
- int i;
if (!x86_has_cpuid())
return 1; /* No CPUID instruction */
diff --git a/rngd_rndr.c b/rngd_rndr.c
index 176ce90..79bf2ce 100644
--- a/rngd_rndr.c
+++ b/rngd_rndr.c
@@ -47,7 +47,7 @@ static struct ossl_aes_ctx *ossl_ctx;
static unsigned char key[AES_BLOCK];
static unsigned char iv_buf[AES_BLOCK];
-#define CHUNK_SIZE AES_BLOCK * 8
+#define CHUNK_SIZE (AES_BLOCK*8)
static unsigned char aes_buf[CHUNK_SIZE];
static size_t aes_buf_pos;
#define REKEY_BITS 8
diff --git a/rngd_rtlsdr.c b/rngd_rtlsdr.c
index 949c8b0..5371905 100644
--- a/rngd_rtlsdr.c
+++ b/rngd_rtlsdr.c
@@ -21,12 +21,12 @@
#include "rngd.h"
#include "ossl_helpers.h"
-#define RAW_BUF_SZ 4096
+#define RAW_BUF_SZ 4096
-#define CHUNK_SIZE (AES_BLOCK*8) /* 8 parallel streams */
+#define CHUNK_SIZE (AES_BLOCK*8) /* 8 parallel streams */
static rtlsdr_dev_t *radio = NULL;
-static char raw_buffera[RAW_BUF_SZ];
+static unsigned char raw_buffera[RAW_BUF_SZ];
static int freq_min;
static int freq_max;
static int sample_min;
diff --git a/stats.c b/stats.c
index 5c4036a..a172a35 100644
--- a/stats.c
+++ b/stats.c
@@ -65,7 +65,7 @@ static void scale_mult_unit(char *unit, int unitsize,
if (mult)
snprintf(unit, unitsize, "%ci%s", multchar[mult-1], baseunit);
else
- strncpy(unit, baseunit, unitsize);
+ strncpy(unit, baseunit, unitsize-1);
}
/* Computes elapsed time in microseconds */
--
2.26.3

54
0008-Fix-a-minor-memory-leak-in-rngd_jitter.c.patch
View File

@ -1,54 +0,0 @@
From 05505f04b9146e3f1225c182d3fdfc2fb51a633f Mon Sep 17 00:00:00 2001
From: Vladis Dronov <vdronov@redhat.com>
Date: Sat, 12 Jun 2021 09:35:21 +0200
Subject: Fix a minor memory leak in rngd_jitter.c
While a leak is short-lived until a process memory is freed, fix it anyway.
Error: GCC_ANALYZER_WARNING (CWE-401):
rng-tools-6.12/rngd_jitter.c:396:66: warning[-Wanalyzer-malloc-leak]:
leak of 'aes_buf'
rng-tools-6.12/rngd_jitter.c:35: included_from: Included from here.
rng-tools-6.12/rngd_jitter.c:394:17: note: in expansion of macro 'message_entsrc'
Error: GCC_ANALYZER_WARNING (CWE-401): [#def4]
rng-tools-6.12/rngd_jitter.c: scope_hint: In function 'init_jitter_entropy_source'
rng-tools-6.12/rngd_jitter.c:396:66: warning[-Wanalyzer-malloc-leak]: leak of 'aes_buf'
rng-tools-6.12/rngd_jitter.c:394:17: note: in expansion of macro 'message_entsrc'
394| message_entsrc(ent_src,LOG_CONS|LOG_INFO, "Initializing AES buffer\n");
395| aes_buf = malloc(tdata[0].buf_sz);
396|-> ent_src->rng_options[JITTER_OPT_USE_AES].int_val = 0;
397| if (xread_jitter(key, AES_BLOCK, ent_src)) {
Signed-off-by: Vladis Dronov <vdronov@redhat.com>
---
rngd_jitter.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/rngd_jitter.c b/rngd_jitter.c
index 7403c02..ea29436 100644
--- a/rngd_jitter.c
+++ b/rngd_jitter.c
@@ -126,7 +126,7 @@ static struct thread_data *tdata;
static pthread_t *threads;
int pipefds[2];
-unsigned char *aes_buf;
+unsigned char *aes_buf = NULL;
static unsigned char key[AES_BLOCK];
static unsigned char iv_buf[CHUNK_SIZE] __attribute__((aligned(128)));
@@ -533,9 +533,9 @@ void close_jitter_entropy_source(struct rng *ent_src)
close(pipefds[0]);
free(tdata);
free(threads);
+ free(aes_buf);
if (ossl_ctx) {
ossl_aes_exit(ossl_ctx);
ossl_ctx = NULL;
}
}
-
--
2.26.3

233
0009-Brush-up-rngd_nistbeacon.c.patch
View File

@ -1,233 +0,0 @@
From c87d4f8616c42a921cec37e8758e71f5651c727f Mon Sep 17 00:00:00 2001
From: Vladis Dronov <vdronov@redhat.com>
Date: Mon, 14 Jun 2021 14:37:28 +0200
Subject: Brush up rngd_nistbeacon.c
1) Fix a possile NULL dereference in get_nist_record() and update_active_cert().
It may happen in an unlikely case when curl_easy_setopt(CURLOPT_WRITEFUNCTION)
fails but curl_easy_perform() succeeds.
Also adjust error handling and logging. This way a libcurl instance is properly
cleaned up in all cases.
This fixes code for the following warnings. NULL pointer warning still stays,
as covscan does not recognize parse_nist_json_block() as a callback.
Error: CHECKED_RETURN (CWE-252): [#def13]
rng-tools-6.12/rngd_nistbeacon.c:582: check_return: Calling "curl_easy_setopt(curl,
_curl_opt, certurl)" without checking return value. This library function may fail
and return an error code.
581| certurl = strcat(certurl, block.certificateIdString);
582|-> curl_easy_setopt(curl, CURLOPT_URL, certurl);
Error: CLANG_WARNING: [#def19]
rng-tools-6.12/rngd_nistbeacon.c:622:32: warning[core.NonNullParamChecker]: Null
pointer passed to 1st parameter expecting 'nonnull'
622|-> activeCertId = strndup(block.certificateId, be32toh(block.certificateIdLen));
2) Remove unused variables from parse_nist_json_block().
3) Fix a signedness warning for nist_rand_buf and block.signatureValue.
Signed-off-by: Vladis Dronov <vdronov@redhat.com>
---
rngd_nistbeacon.c | 109 +++++++++++++++++++++++++++++++---------------
1 file changed, 74 insertions(+), 35 deletions(-)
diff --git a/rngd_nistbeacon.c b/rngd_nistbeacon.c
index 5d51d44..51e3458 100644
--- a/rngd_nistbeacon.c
+++ b/rngd_nistbeacon.c
@@ -74,7 +74,7 @@ static int get_nist_record(struct rng *ent_src);
static size_t nist_buf_avail = 0;
static size_t nist_buf_ptr = 0;
-static char nist_rand_buf[NIST_BUF_SIZE];
+static unsigned char nist_rand_buf[NIST_BUF_SIZE];
static char errbuf[120];
int cfp;
@@ -275,23 +275,18 @@ static void get_json_byte_array(json_t *parent, char *key, char **val, uint32_t
}
/*
- * Note, I'm making the assumption that the entire xml block gets returned
+ * Note, I'm making the assumption that the entire xml block gets returned
* in a single call here, which I should fix
*/
static size_t parse_nist_json_block(char *ptr, size_t size, size_t nemb, void *userdata)
{
size_t idx;
json_t *jidx;
- xmlTextReaderPtr reader;
- int ret = 1;
- const char *name;
- size_t realsize = size * nemb;
- char *xml = (char *)ptr;
- json_t *json, *pulse, *values, *obj;
+ size_t realsize = size * nemb;
+ json_t *json, *pulse, *obj;
json_error_t jsonerror;
struct rng *ent_src = userdata;
-
json = json_loads(ptr, size, &jsonerror);
if (!json) {
message_entsrc(ent_src,LOG_DAEMON|LOG_ERR, "Unparseable JSON\n");
@@ -532,7 +527,8 @@ static int validate_nist_block(struct rng *ent_src)
goto out;
}
- if (EVP_VerifyFinal(mdctx, block.signatureValue, be32toh(block.signatureValueLen), pubkey) < 1) {
+ if (EVP_VerifyFinal(mdctx, (unsigned char *)block.signatureValue,
+ be32toh(block.signatureValueLen), pubkey) < 1) {
unsigned long err;
message_entsrc(ent_src,LOG_DAEMON| LOG_ERR, "Unable to validate signature on message\n");
while( (err = ERR_get_error()) != 0 ) {
@@ -566,7 +562,8 @@ static size_t copy_nist_certificate(char *ptr, size_t size, size_t nemb, void *u
return size * nemb;
}
-static void update_active_cert() {
+static void update_active_cert(struct rng *ent_src)
+{
CURL *curl;
CURLcode res;
char *certurl;
@@ -574,24 +571,46 @@ static void update_active_cert() {
free(activeCert);
activeCert = NULL;
-
+
curl = curl_easy_init();
- if (!curl)
+ if (!curl) {
+ message_entsrc(ent_src, LOG_DAEMON|LOG_ERR,
+ "update_active_cert(): curl_easy_init() failed\n");
return;
+ }
certurl = alloca(urlsize);
- if (!certurl)
- return;
+ if (!certurl) {
+ message_entsrc(ent_src, LOG_DAEMON|LOG_ERR,
+ "update_active_cert(): alloca() failed\n");
+ goto out_curl;
+ }
strcpy(certurl, NIST_CERT_BASE_URL);
certurl = strcat(certurl, block.certificateIdString);
- curl_easy_setopt(curl, CURLOPT_URL, certurl);
- curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, copy_nist_certificate);
+
+ res = curl_easy_setopt(curl, CURLOPT_URL, certurl);
+ if (res != CURLE_OK) {
+ message_entsrc(ent_src, LOG_DAEMON|LOG_ERR,
+ "update_active_cert(): curl_easy_setopt(URL) failed: %s\n",
+ curl_easy_strerror(res));
+ goto out_curl;
+ }
+ res = curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, copy_nist_certificate);
+ if (res != CURLE_OK) {
+ message_entsrc(ent_src, LOG_DAEMON|LOG_ERR,
+ "update_active_cert(): curl_easy_setopt(WRITEFUNC) failed: %s\n",
+ curl_easy_strerror(res));
+ goto out_curl;
+ }
res = curl_easy_perform(curl);
- if (res != CURLE_OK) {
- fprintf(stderr, "curl_easy_perform() failed in cert update: %s\n",
- curl_easy_strerror(res));
- }
+ if (res != CURLE_OK) {
+ message_entsrc(ent_src, LOG_DAEMON|LOG_ERR,
+ "update_active_cert(): curl_easy_perform() failed: %s\n",
+ curl_easy_strerror(res));
+ }
+
+out_curl:
curl_easy_cleanup(curl);
return;
}
@@ -603,42 +622,62 @@ static int get_nist_record(struct rng *ent_src)
int rc = 1;
curl = curl_easy_init();
-
- if (!curl)
+ if (!curl) {
+ message_entsrc(ent_src, LOG_DAEMON|LOG_ERR,
+ "get_nist_record(): curl_easy_init() failed\n");
goto out;
+ }
- curl_easy_setopt(curl, CURLOPT_URL, NIST_RECORD_URL);
- curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, parse_nist_json_block);
- curl_easy_setopt(curl, CURLOPT_WRITEDATA, ent_src);
+ res = curl_easy_setopt(curl, CURLOPT_URL, NIST_RECORD_URL);
+ if (res != CURLE_OK) {
+ message_entsrc(ent_src, LOG_DAEMON|LOG_ERR,
+ "get_nist_record(): curl_easy_setopt(URL) failed: %s\n",
+ curl_easy_strerror(res));
+ goto out_curl;
+ }
+ res = curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, parse_nist_json_block);
+ if (res != CURLE_OK) {
+ message_entsrc(ent_src, LOG_DAEMON|LOG_ERR,
+ "get_nist_record(): curl_easy_setopt(WRITEFUNC) failed: %s\n",
+ curl_easy_strerror(res));
+ goto out_curl;
+ }
+ res = curl_easy_setopt(curl, CURLOPT_WRITEDATA, ent_src);
+ if (res != CURLE_OK) {
+ message_entsrc(ent_src, LOG_DAEMON|LOG_ERR,
+ "get_nist_record(): curl_easy_setopt(WRITEDATA) failed: %s\n",
+ curl_easy_strerror(res));
+ goto out_curl;
+ }
+ /* parse_nist_json_block() runs here as a callback */
res = curl_easy_perform(curl);
if (res != CURLE_OK) {
- fprintf(stderr, "curl_easy_perform() failed: %s\n",
+ message_entsrc(ent_src, LOG_DAEMON|LOG_ERR,
+ "get_nist_record(): curl_easy_perform() failed: %s\n",
curl_easy_strerror(res));
- goto out;
+ goto out_curl;
}
- curl_easy_cleanup(curl);
-
lastpulse = block.pulseIndex;
if (!activeCertId || memcmp(activeCertId, block.certificateId, be32toh(block.certificateIdLen))) {
free(activeCertId);
activeCertId = strndup(block.certificateId, be32toh(block.certificateIdLen));
- update_active_cert();
+ update_active_cert(ent_src);
}
if (validate_nist_block(ent_src)) {
- message_entsrc(ent_src,LOG_DAEMON|LOG_ERR, "Received block failed validation\n");
- goto out;
+ message_entsrc(ent_src, LOG_DAEMON|LOG_ERR, "Received block failed validation\n");
+ goto out_curl;
}
-
rc = 0;
+out_curl:
+ curl_easy_cleanup(curl);
out:
return rc;
-
}
/*
--
2.26.3

22
rng-tools.spec
View File

@ -12,10 +12,10 @@
Summary: Random number generator related utilities
Name: rng-tools
Version: 6.13
Release: 3%{?dist}
Release: 4.git.d207e0b6%{?dist}
License: GPLv2+
URL: https://github.com/nhorman/rng-tools
Source0: https://github.com/nhorman/rng-tools/archive/v%{version}/rng-tools-%{version}.tar.gz
Source0: %{url}/archive/v%{version}/%{name}-%{version}.tar.gz
Source1: rngd.service
Source2: rngd-wake-threshold.service
Source3: 60-hwrng.rules
@ -39,15 +39,6 @@ Requires(post): systemd
Requires(preun): systemd
Requires(postun): systemd
Patch1: 0001-Use-AM_PROG_AR-over-AC_CHECK_TOOLS.patch
Patch2: 0003-AC_CANONICAL_TARGET-AC_CANONICAL_HOST.patch
Patch3: 0004-Fix-logic-in-ossl_aes_random_key.patch
Patch4: 0005-Fix-a-read-returning-zero-case-in-init_entropy_sourc.patch
Patch5: 0006-Fix-minor-possibilities-of-using-a-NULL-pointer.patch
Patch6: 0007-Small-bug-and-warning-fixes-per-covscan-report.patch
Patch7: 0008-Fix-a-minor-memory-leak-in-rngd_jitter.c.patch
Patch8: 0009-Brush-up-rngd_nistbeacon.c.patch
%description
Hardware random number generation tools.
@ -90,7 +81,7 @@ getent passwd rngd >/dev/null || useradd -r -M -d %{_localstatedir}/lib/rngd -s
%files
%{!?_licensedir:%global license %%doc}
%license COPYING
%doc AUTHORS NEWS README
%doc AUTHORS README
%{_bindir}/rngtest
%{_sbindir}/rngd
%{_mandir}/man1/rngtest.1.*
@ -100,6 +91,13 @@ getent passwd rngd >/dev/null || useradd -r -M -d %{_localstatedir}/lib/rngd -s
%attr(0644,root,root) %{_udevrulesdir}/60-hwrng.rules
%changelog
* Thu Jul 22 2021 Vladis Dronov <vdronov@redhat.com> - 6.13-4.git.d207e0b6
- Update to the upstream v6.13 + tip of origin/master + onecpu
branch + revert of 2ce93190 (bz 1965318)
- Rebuild rng-tools against the latest jitterentropy library
3.0.2-2.git.409828cf with fixes for an important issue
- Adjust Source0 to a more proper one
* Mon Jul 05 2021 Vladis Dronov <vdronov@redhat.com> - 6.13-3
- Adjust rngd-wake-threshold.service and post section so udevadm
is not run in a container (bz 1965318)

2
sources
View File

@ -1 +1 @@
SHA512 (rng-tools-6.13.tar.gz) = def5f2dcdd1771e8fe5af9476de866ff89a225065416672165af6019cbb166f874fae936b3705221aa47dc13ae99fa63d054d7d49b612f3151cd922a0a129490
SHA512 (rng-tools-6.13.tar.gz) = e92491073e5af67e5d0ede0349944baaa9fca0e1171e3e311df1b08295d71c15791538497e595c0e9a61e02cffe83d31ae10c00a195826c6f677004208dc7911