From 6d0c21bc1ec062039ab94159d6d7c6d2d15cf6c7 Mon Sep 17 00:00:00 2001
From: Ludvig Michaelsson <ludvig.michaelsson@yubico.com>
Date: Mon, 7 Oct 2024 11:11:03 +0200
Subject: [PATCH] fuzz: unpoison buffer after arc4random_buf()

MSAN does not realise that the iv buffer for aes256_cbc_fips() is in
fact initialized by this function call. This path and subsequent use of
the "uninitialised" value was hit when upgrading to Ubuntu 24.04 (which
ships a version of glibc that implements arc4random_buf()).
---
 src/random.c | 10 ++++++++++
 src/u2f.c    |  2 +-
 2 files changed, 11 insertions(+), 1 deletion(-)

diff --git a/src/random.c b/src/random.c
index 9688d35c..6f7ad2d1 100644
--- a/src/random.c
+++ b/src/random.c
@@ -16,6 +16,13 @@
 #include <unistd.h>
 #endif
 
+#if defined(__has_feature)
+# if  __has_feature(memory_sanitizer)
+#  include <sanitizer/msan_interface.h>
+#  define WITH_MSAN	1
+# endif
+#endif
+
 #include "fido.h"
 
 #if defined(_WIN32)
@@ -45,6 +52,9 @@ int
 fido_get_random(void *buf, size_t len)
 {
 	arc4random_buf(buf, len);
+#ifdef WITH_MSAN
+	__msan_unpoison(buf, len); /* XXX */
+#endif
 	return (0);
 }
 #elif defined(HAVE_GETRANDOM)
diff --git a/src/u2f.c b/src/u2f.c
index 2620a2eb..9a370f8b 100644
--- a/src/u2f.c
+++ b/src/u2f.c
@@ -931,7 +931,7 @@ u2f_get_touch_status(fido_dev_t *dev, int *touched, int *ms)
 	if ((reply_len = fido_rx(dev, CTAP_CMD_MSG, reply, FIDO_MAXMSG,
 	    ms)) < 2) {
 		fido_log_debug("%s: fido_rx", __func__);
-		r = FIDO_OK; /* ignore */
+		r = *ms != 0 ? FIDO_OK : FIDO_ERR_INTERNAL; /* ignore */
 		goto out;
 	}