fuzz: unpoison buffer after arc4random_buf()

MSAN does not realise that the iv buffer for aes256_cbc_fips() is in fact initialized by this function call. This path and subsequent use of the "uninitialised" value was hit when upgrading to Ubuntu 24.04 (which ships a version of glibc that implements arc4random_buf()).
Yubico · Oct 8, 2024 · 5c7ed8f · 5c7ed8f
1 parent c4ba104
commit 5c7ed8f
Showing 1 changed file with 11 additions and 1 deletion.
diff --git a/src/random.c b/src/random.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2018 Yubico AB. All rights reserved.
+ * Copyright (c) 2018-2024 Yubico AB. All rights reserved.
  * Use of this source code is governed by a BSD-style
  * license that can be found in the LICENSE file.
  * SPDX-License-Identifier: BSD-2-Clause
@@ -16,6 +16,13 @@
 #include <unistd.h>
 #endif
 
+#if defined(__has_feature)
+# if  __has_feature(memory_sanitizer)
+#  include <sanitizer/msan_interface.h>
+#  define WITH_MSAN	1
+# endif
+#endif
+
 #include "fido.h"
 
 #if defined(_WIN32)
@@ -45,6 +52,9 @@ int
 fido_get_random(void *buf, size_t len)
 {
 	arc4random_buf(buf, len);
+#ifdef WITH_MSAN
+	__msan_unpoison(buf, len); /* XXX */
+#endif
 	return (0);
 }
 #elif defined(HAVE_GETRANDOM)