Skip to content

Commit

Permalink
fuzz: unpoison buffer after arc4random_buf()
Browse files Browse the repository at this point in the history
MSAN does not realise that the iv buffer for aes256_cbc_fips() is in
fact initialized by this function call. This path and subsequent use of
the "uninitialised" value was hit when upgrading to Ubuntu 24.04 (which
ships a version of glibc that implements arc4random_buf()).
  • Loading branch information
LDVG committed Oct 8, 2024
1 parent 2692b8f commit b4bcec6
Showing 1 changed file with 11 additions and 1 deletion.
12 changes: 11 additions & 1 deletion src/random.c
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/*
* Copyright (c) 2018 Yubico AB. All rights reserved.
* Copyright (c) 2018-2024 Yubico AB. All rights reserved.
* Use of this source code is governed by a BSD-style
* license that can be found in the LICENSE file.
* SPDX-License-Identifier: BSD-2-Clause
Expand All @@ -16,6 +16,13 @@
#include <unistd.h>
#endif

#if defined(__has_feature)
# if __has_feature(memory_sanitizer)
# include <sanitizer/msan_interface.h>
# define WITH_MSAN 1
# endif
#endif

#include "fido.h"

#if defined(_WIN32)
Expand Down Expand Up @@ -45,6 +52,9 @@ int
fido_get_random(void *buf, size_t len)
{
arc4random_buf(buf, len);
#ifdef WITH_MSAN
__msan_unpoison(buf, len); /* XXX */
#endif
return (0);
}
#elif defined(HAVE_GETRANDOM)
Expand Down

0 comments on commit b4bcec6

Please sign in to comment.