path: root/meta/recipes-support/gnutls/gnutls/CVE-2020-13777-b.patch
blob: 12486e1710de728c96d8012f525e7a807d5e2ee7 (plain)
From 6c7f9703e42bc5278d0a4a6f0a39d07d62123ea3 Mon Sep 17 00:00:00 2001
From: Daiki Ueno <dueno@redhat.com>
Date: Tue, 31 Mar 2020 06:58:48 +0200
Subject: [PATCH 2/3] build: use valgrind client request to detect undefined
 memory use

commit 50ad8778a81f9421effa4c5a3b457f98e559b178 from https://gitlab.com/gnutls/gnutls.git

This tightens the check introduced in
ac2f71b892d13a7ab4cc39086eef179042c7e23c, by using the valgrind client
request to explicitly mark the "uninitialized but initialization is
needed before use" regions.  With this patch and the
fix (c01011c2d8533dbbbe754e49e256c109cb848d0d) reverted, you will see
the following error when running dtls_hello_random_value under
valgrind:

  $ valgrind ./dtls_hello_random_value
  testing: default
  ==520145== Conditional jump or move depends on uninitialised value(s)
  ==520145==    at 0x4025F5: hello_callback (dtls_hello_random_value.c:90)
  ==520145==    by 0x488BF97: _gnutls_call_hook_func (handshake.c:1215)
  ==520145==    by 0x488C1AA: _gnutls_send_handshake2 (handshake.c:1332)
  ==520145==    by 0x488FC7E: send_client_hello (handshake.c:2290)
  ==520145==    by 0x48902A1: handshake_client (handshake.c:2908)
  ==520145==    by 0x48902A1: gnutls_handshake (handshake.c:2740)
  ==520145==    by 0x402CB3: client (dtls_hello_random_value.c:153)
  ==520145==    by 0x402CB3: start (dtls_hello_random_value.c:317)
  ==520145==    by 0x402EFE: doit (dtls_hello_random_value.c:331)
  ==520145==    by 0x4023D4: main (utils.c:254)
  ==520145==

Upstream-Status: Backport

Signed-off-by: Daiki Ueno <dueno@redhat.com>
Signed-off-by: Haiqing Bai <Haiqing.Bai@windriver.com>
---
 configure.ac    |  2 ++
 lib/handshake.c | 15 +++++++++++++++
 lib/state.c     | 21 ++++++++++++++++++---
 3 files changed, 35 insertions(+), 3 deletions(-)

diff --git a/configure.ac b/configure.ac
index 172cf42..12da283 100644
--- a/configure.ac
+++ b/configure.ac
@@ -233,6 +233,8 @@ AS_IF([test "$ac_cv_search___atomic_load_4" = "none required" || test "$ac_cv_se
 dnl We use its presence to detect C11 threads
 AC_CHECK_HEADERS([threads.h])
 
+AC_CHECK_HEADERS([valgrind/memcheck.h])
+
 AC_ARG_ENABLE(padlock,
   AS_HELP_STRING([--disable-padlock], [unconditionally disable padlock acceleration]),
     use_padlock=$enableval)
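Review bot: `AC_CHECK_HEADERS([valgrind/memcheck.h])` turns the client requests on or off purely according to whether the build host happens to ship the valgrind headers, so two builds of the same source can produce different lib/handshake.c and lib/state.c objects depending on host packages; in a cross-build recipe like this one that is a reproducibility hazard. An explicit configure switch, with the header check run only when it is enabled, or a declared build dependency would make the result deterministic. The request macros are designed to be harmless when not running under valgrind, so the functional risk is low, but the build variance is worth stating in the commit or a comment next to the check.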
diff --git a/lib/handshake.c b/lib/handshake.c
index 84a0e52..8d58fa4 100644
--- a/lib/handshake.c
+++ b/lib/handshake.c
@@ -57,6 +57,9 @@
 #include "secrets.h"
 #include "tls13/session_ticket.h"
 #include "locks.h"
+#ifdef HAVE_VALGRIND_MEMCHECK_H
+#include <valgrind/memcheck.h>
+#endif
 
 #define TRUE 1
 #define FALSE 0
@@ -242,6 +245,12 @@ int _gnutls_gen_client_random(gnutls_session_t session)
 			return gnutls_assert_val(ret);
 	}
 
+#ifdef HAVE_VALGRIND_MEMCHECK_H
+	if (RUNNING_ON_VALGRIND)
+		VALGRIND_MAKE_MEM_DEFINED(session->security_parameters.client_random,
+					  GNUTLS_RANDOM_SIZE);
+#endif
+
 	return 0;
 }
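Review bot: The `VALGRIND_MAKE_MEM_DEFINED` added before `return 0` forces valgrind's view of the buffer rather than verifying it: if the generation path above (outside this hunk) ever leaves part of `client_random` unwritten, this mark would suppress the very report the commit sets out to produce. If forcing is needed — for instance because the RNG output would otherwise inherit undefined bits and cause false positives — say so in a comment, e.g. `/* Clear the undefined mark set in gnutls_init(): the random is fully written at this point. */`; otherwise `VALGRIND_CHECK_MEM_IS_DEFINED(session->security_parameters.client_random, GNUTLS_RANDOM_SIZE);` would report a partial write here, at the generation site, instead of at first use. The early `return gnutls_assert_val(ret)` leaves the region marked undefined on failure, which is the desired behaviour and could be noted in the same comment. The `_gnutls_gen_server_random` hunk below has the identical pattern; `_gnutls_gen_client_random` begins outside this hunk.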
 
@@ -320,6 +329,12 @@ int _gnutls_gen_server_random(gnutls_session_t session, int version)
 		return ret;
 	}
 
+#ifdef HAVE_VALGRIND_MEMCHECK_H
+	if (RUNNING_ON_VALGRIND)
+		VALGRIND_MAKE_MEM_DEFINED(session->security_parameters.server_random,
+					  GNUTLS_RANDOM_SIZE);
+#endif
+
 	return 0;
 }
 
diff --git a/lib/state.c b/lib/state.c
index 0e1d155..98900c1 100644
--- a/lib/state.c
+++ b/lib/state.c
@@ -55,6 +55,9 @@
 #include "ext/cert_types.h"
 #include "locks.h"
 #include "kx.h"
+#ifdef HAVE_VALGRIND_MEMCHECK_H
+#include <valgrind/memcheck.h>
+#endif
 
 /* to be used by supplemental data support to disable TLS1.3
  * when supplemental data have been globally registered */
@@ -564,10 +567,22 @@ int gnutls_init(gnutls_session_t * session, unsigned int flags)
 			UINT32_MAX;
 	}
 
-	/* everything else not initialized here is initialized
-	 * as NULL or 0. This is why calloc is used.
+	/* Everything else not initialized here is initialized as NULL
+	 * or 0. This is why calloc is used. However, we want to
+	 * ensure that certain portions of data are initialized at
+	 * runtime before being used. Mark such regions with a
+	 * valgrind client request as undefined.
 	 */
-
+#ifdef HAVE_VALGRIND_MEMCHECK_H
+	if (RUNNING_ON_VALGRIND) {
+		if (flags & GNUTLS_CLIENT)
+			VALGRIND_MAKE_MEM_UNDEFINED((*session)->security_parameters.client_random,
+						    GNUTLS_RANDOM_SIZE);
+		if (flags & GNUTLS_SERVER)
+			VALGRIND_MAKE_MEM_UNDEFINED((*session)->security_parameters.server_random,
+						    GNUTLS_RANDOM_SIZE);
+	}
+#endif
 	handshake_internal_state_clear1(*session);
 
 #ifdef HAVE_WRITEV
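Review bot: The undefined marks cover only the session's own random (`client_random` under `GNUTLS_CLIENT`, `server_random` under `GNUTLS_SERVER`), so a read of the peer's random before it has been received still sees calloc zeros and goes unreported, although the comment above describes the regions generally as data that must be "initialized at runtime before being used". If the asymmetry is deliberate — presumably to avoid false positives on paths that legitimately look at the peer random before it arrives — a sentence in the comment such as `/* Only the locally generated random is marked; the peer's random is filled from the received hello. */` would stop the next reader from widening it; if it is not deliberate, marking both regions regardless of `flags` closes the gap. A session created with neither flag currently receives no marks at all. `gnutls_init` begins and ends outside the hunk.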
-- 
2.17.1