From patchwork Mon Feb 27 12:37:00 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Adhemerval Zanella Netto X-Patchwork-Id: 65684 Return-Path: X-Original-To: patchwork@sourceware.org Delivered-To: patchwork@sourceware.org Received: from server2.sourceware.org (localhost [IPv6:::1]) by sourceware.org (Postfix) with ESMTP id AF69A3858C00 for ; Mon, 27 Feb 2023 12:37:29 +0000 (GMT) DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org AF69A3858C00 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sourceware.org; s=default; t=1677501449; bh=+H4RmGOhHxRb9I9+bvB910YMe2h74y41gIqePrrn96U=; h=To:Subject:Date:List-Id:List-Unsubscribe:List-Archive:List-Post: List-Help:List-Subscribe:From:Reply-To:From; b=hgZwtnn2QqzT1f50NoNO0kxof/9VdxTrbfVEFDtXgFMlIkSzJtp3QQCJ1S4StxvIE K2KF1GrsKLNcoe2R5m4iYNQeBpuXvnzuwBjHA4P1sk29skdr3HL9CX2x0zwAu4GUeY Hk79xBwqFL9+Fc5YNIGcrN5RO0Kchv4foVkhIqxQ= X-Original-To: libc-alpha@sourceware.org Delivered-To: libc-alpha@sourceware.org Received: from mail-oi1-x234.google.com (mail-oi1-x234.google.com [IPv6:2607:f8b0:4864:20::234]) by sourceware.org (Postfix) with ESMTPS id B288D3858D32 for ; Mon, 27 Feb 2023 12:37:06 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org B288D3858D32 Received: by mail-oi1-x234.google.com with SMTP id c11so5053226oiw.2 for ; Mon, 27 Feb 2023 04:37:06 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; t=1677501425; h=content-transfer-encoding:mime-version:message-id:date:subject:to :from:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=+H4RmGOhHxRb9I9+bvB910YMe2h74y41gIqePrrn96U=; b=byqH+LE5852NTFZY1U7Q1ib8AggVCfBJ1CREzn6SkNkbV8GAynNPANatAjinv0UbAE /YT0/fxXSBwM0l5efmbXCsSDdG5gbxZq4CTv36hEB07SU53pgNtkqhY8QGVE3j77V3gp zkh1JDHXzQpCb0SuZkxB+UAQpyFlTILR0w5utjbfhVQVRkYxTbu5F88NcLM2EFTzmj3B yxfDKWXnL51XhJGpy5bEIwGe8zFGSIITUBRIarqlc9QA+IZRFLC9bpfFI+XVXaQkrVhi 0aCwrKY4npLjbsRlJh8iYItdRKx12IFHurkHML3D8Awmv4aQAeBiYtq/orL/wxkbsvAt NDXw== X-Gm-Message-State: AO0yUKVzjlYrrWk1QQPpKlZhNa7uEMafiBEvfyUsHcj/lo82EvrnZ6Eb rM2ktwh1MQe7XMn6QJy8RLQ0uWr60FCQH2jP/U4= X-Google-Smtp-Source: AK7set+ikW0c7ss4XY5RABtMYpqPB/WTzC6f0MC3fgz8ccaY/RUIETudb4Cfbf34UGHKzdD7VSCAqg== X-Received: by 2002:a05:6808:a10:b0:384:2b1d:45a with SMTP id n16-20020a0568080a1000b003842b1d045amr1747632oij.30.1677501425279; Mon, 27 Feb 2023 04:37:05 -0800 (PST) Received: from mandiga.. ([2804:1b3:a7c3:b7aa:b9e5:7f35:5353:4b4c]) by smtp.gmail.com with ESMTPSA id a6-20020a056808120600b0037d59e90a07sm3024349oil.55.2023.02.27.04.37.03 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 27 Feb 2023 04:37:04 -0800 (PST) To: libc-alpha@sourceware.org, Wilco Dijkstra , Szabolcs Nagy , Florian Weimer Subject: [PATCH] crypt: Remove invalid end of page test badsalttest Date: Mon, 27 Feb 2023 09:37:00 -0300 Message-Id: <20230227123700.106092-1-adhemerval.zanella@linaro.org> X-Mailer: git-send-email 2.34.1 MIME-Version: 1.0 X-Spam-Status: No, score=-12.9 required=5.0 tests=BAYES_00, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, GIT_PATCH_0, KAM_SHORT, RCVD_IN_DNSWL_NONE, SPF_HELO_NONE, SPF_PASS, TXREP autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org X-BeenThere: libc-alpha@sourceware.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Libc-alpha mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-Patchwork-Original-From: Adhemerval Zanella via Libc-alpha From: Adhemerval Zanella Netto Reply-To: Adhemerval Zanella Errors-To: libc-alpha-bounces+patchwork=sourceware.org@sourceware.org Sender: "Libc-alpha" The input argument passes an invalid string with a NULL terminator on crypt settings inputs, which might lead to invalid OOB on strncmp (where multiple implementation assumes that the input is always a NULL terminated string). Also adapt the code to use libsupport. Checked on arm-linux-gnuabihf. --- crypt/badsalttest.c | 50 ++++++++------------------------------------- 1 file changed, 9 insertions(+), 41 deletions(-) diff --git a/crypt/badsalttest.c b/crypt/badsalttest.c index bc1e5c1442..acf4ed1ad9 100644 --- a/crypt/badsalttest.c +++ b/crypt/badsalttest.c @@ -16,11 +16,12 @@ License along with the GNU C Library; if not, see . */ -#include -#include -#include +#include +#include #include +#include + static const char *tests[][2] = { { "no salt", "" }, @@ -30,59 +31,26 @@ static const char *tests[][2] = { "both chars bad", ":@" }, { "un$upported algorithm", "$2$" }, { "unsupported_algorithm", "_1" }, - { "end of page", NULL } }; static int do_test (void) { - int result = 0; struct crypt_data cd; - size_t n = sizeof (tests) / sizeof (*tests); - size_t pagesize = (size_t) sysconf (_SC_PAGESIZE); - char *page; /* Check that crypt won't look at the second character if the first one is invalid. */ - page = mmap (NULL, pagesize * 2, PROT_READ | PROT_WRITE, - MAP_PRIVATE | MAP_ANON, -1, 0); - if (page == MAP_FAILED) - { - perror ("mmap"); - n--; - } - else - { - if (mmap (page + pagesize, pagesize, 0, - MAP_PRIVATE | MAP_ANON | MAP_FIXED, - -1, 0) != page + pagesize) - perror ("mmap 2"); - page[pagesize - 1] = '*'; - tests[n - 1][1] = &page[pagesize - 1]; - } - /* Mark cd as initialized before first call to crypt_r. */ cd.initialized = 0; - for (size_t i = 0; i < n; i++) + for (size_t i = 0; i < array_length (tests); i++) { - if (crypt (tests[i][0], tests[i][1])) - { - result++; - printf ("%s: crypt returned non-NULL with salt \"%s\"\n", - tests[i][0], tests[i][1]); - } + TEST_VERIFY (crypt (tests[i][0], tests[i][1]) == NULL); - if (crypt_r (tests[i][0], tests[i][1], &cd)) - { - result++; - printf ("%s: crypt_r returned non-NULL with salt \"%s\"\n", - tests[i][0], tests[i][1]); - } + TEST_VERIFY (crypt_r (tests[i][0], tests[i][1], &cd) == NULL); } - return result; + return 0; } -#define TEST_FUNCTION do_test () -#include "../test-skeleton.c" +#include