From: Otto Moerbeek Date: Fri, 7 Jul 2023 10:49:24 +0000 (+0200) Subject: Also include explcit_bzero(), which is needed when using older glibc X-Git-Tag: rec-5.0.0-alpha1~122^2~1 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=0e006d27997a2159cf6d6cbcfa4b149ad8d9fa02;p=thirdparty%2Fpdns.git Also include explcit_bzero(), which is needed when using older glibc --- diff --git a/configure.ac b/configure.ac index 13dc98fa2f..ce048aef23 100644 --- a/configure.ac +++ b/configure.ac @@ -154,7 +154,7 @@ dnl Checks for library functions. dnl the *_r functions are in posix so we can use them unconditionally, but the ext/yahttp code is dnl using the defines. AC_CHECK_FUNCS_ONCE([strcasestr localtime_r gmtime_r recvmmsg sched_setscheduler]) -AC_CHECK_FUNCS_ONCE([getrandom getentropy arc4random arc4random_uniform arc4random_buf]) +AC_CHECK_FUNCS_ONCE([explicit_bzero memset_s getrandom getentropy arc4random arc4random_uniform arc4random_buf]) AM_CONDITIONAL([HAVE_RECVMMSG], [test "x$ac_cv_func_recvmmsg" = "xyes"]) diff --git a/ext/arc4random/Makefile.am b/ext/arc4random/Makefile.am index e776e0e0ad..73479d160a 100644 --- a/ext/arc4random/Makefile.am +++ b/ext/arc4random/Makefile.am @@ -6,5 +6,6 @@ libarc4random_la_SOURCES = \ arc4random_uniform.c \ bsd-getentropy.c \ chacha_private.h \ + explicit_bzero.c \ includes.h \ log.h diff --git a/ext/arc4random/arc4random.hh b/ext/arc4random/arc4random.hh index f9f779f12e..c9bedac473 100644 --- a/ext/arc4random/arc4random.hh +++ b/ext/arc4random/arc4random.hh @@ -14,4 +14,7 @@ extern "C" #ifndef HAVE_ARC4RANDOM_UNIFORM uint32_t arc4random_uniform(uint32_t upper_bound); #endif +#ifndef HAVE_EXPLICIT_BZERO + void explicit_bzero(void *, size_t len); +#endif } diff --git a/ext/arc4random/explicit_bzero.c b/ext/arc4random/explicit_bzero.c new file mode 100644 index 0000000000..68cd2c10b3 --- /dev/null +++ b/ext/arc4random/explicit_bzero.c @@ -0,0 +1,65 @@ +/* OPENBSD ORIGINAL: lib/libc/string/explicit_bzero.c */ +/* $OpenBSD: explicit_bzero.c,v 1.1 2014/01/22 21:06:45 tedu Exp $ */ +/* + * Public domain. + * Written by Ted Unangst + */ + +#include "includes.h" + +#include + +/* + * explicit_bzero - don't let the compiler optimize away bzero + */ + +#ifndef HAVE_EXPLICIT_BZERO + +#ifdef HAVE_EXPLICIT_MEMSET + +void +explicit_bzero(void *p, size_t n) +{ + (void)explicit_memset(p, 0, n); +} + +#elif defined(HAVE_MEMSET_S) + +void +explicit_bzero(void *p, size_t n) +{ + if (n == 0) + return; + (void)memset_s(p, n, 0, n); +} + +#else /* HAVE_MEMSET_S */ + +/* + * Indirect bzero through a volatile pointer to hopefully avoid + * dead-store optimisation eliminating the call. + */ +static void (* volatile ssh_bzero)(void *, size_t) = bzero; + +void +explicit_bzero(void *p, size_t n) +{ + if (n == 0) + return; + /* + * clang -fsanitize=memory needs to intercept memset-like functions + * to correctly detect memory initialisation. Make sure one is called + * directly since our indirection trick above successfully confuses it. + */ +#if defined(__has_feature) +# if __has_feature(memory_sanitizer) + memset(p, 0, n); +# endif +#endif + + ssh_bzero(p, n); +} + +#endif /* HAVE_MEMSET_S */ + +#endif /* HAVE_EXPLICIT_BZERO */ diff --git a/ext/arc4random/includes.h b/ext/arc4random/includes.h index 0a3882e483..5ef06b816b 100644 --- a/ext/arc4random/includes.h +++ b/ext/arc4random/includes.h @@ -20,5 +20,8 @@ void arc4random_buf(void *buf, size_t nbytes); #ifndef HAVE_ARC4RANDOM_UNIFORM uint32_t arc4random_uniform(uint32_t upper_bound); #endif +#ifndef HAVE_EXPLICIT_BZERO +void explicit_bzero(void *, size_t len); +#endif #define DEF_WEAK(x) diff --git a/pdns/dnsdistdist/configure.ac b/pdns/dnsdistdist/configure.ac index aa7ffbf7a4..6ab2749d3a 100644 --- a/pdns/dnsdistdist/configure.ac +++ b/pdns/dnsdistdist/configure.ac @@ -49,7 +49,7 @@ PDNS_WITH_SERVICE_USER([dnsdist]) dnl the *_r functions are in posix so we can use them unconditionally, but the ext/yahttp code is dnl using the defines. AC_CHECK_FUNCS_ONCE([localtime_r gmtime_r]) -AC_CHECK_FUNCS_ONCE([getrandom getentropy arc4random arc4random_uniform arc4random_buf]) +AC_CHECK_FUNCS_ONCE([explicit_bzero memset_s getrandom getentropy arc4random arc4random_uniform arc4random_buf]) AC_SUBST([YAHTTP_CFLAGS], ['-I$(top_srcdir)/ext/yahttp']) AC_SUBST([YAHTTP_LIBS], ['$(top_builddir)/ext/yahttp/yahttp/libyahttp.la']) AC_SUBST([IPCRYPT_CFLAGS], ['-I$(top_srcdir)/ext/ipcrypt']) diff --git a/pdns/dnsdistdist/ext/arc4random/explicit_bzero.c b/pdns/dnsdistdist/ext/arc4random/explicit_bzero.c new file mode 120000 index 0000000000..4b950e0401 --- /dev/null +++ b/pdns/dnsdistdist/ext/arc4random/explicit_bzero.c @@ -0,0 +1 @@ +../../../../ext/arc4random/explicit_bzero.c \ No newline at end of file diff --git a/pdns/recursordist/configure.ac b/pdns/recursordist/configure.ac index e466237cbe..8945ae6618 100644 --- a/pdns/recursordist/configure.ac +++ b/pdns/recursordist/configure.ac @@ -113,7 +113,7 @@ PDNS_CHECK_CURL dnl the *_r functions are in posix so we can use them unconditionally, but the ext/yahttp code is dnl using the defines. AC_CHECK_FUNCS_ONCE([localtime_r gmtime_r strcasestr]) -AC_CHECK_FUNCS_ONCE([getrandom getentropy arc4random arc4random_uniform arc4random_buf]) +AC_CHECK_FUNCS_ONCE([explicit_bzero memset_s getrandom getentropy arc4random arc4random_uniform arc4random_buf]) AC_CHECK_HEADERS([sys/random.h]) diff --git a/pdns/recursordist/ext/arc4random/explicit_bzero.c b/pdns/recursordist/ext/arc4random/explicit_bzero.c new file mode 120000 index 0000000000..4b950e0401 --- /dev/null +++ b/pdns/recursordist/ext/arc4random/explicit_bzero.c @@ -0,0 +1 @@ +../../../../ext/arc4random/explicit_bzero.c \ No newline at end of file