Attachment #3933 for bug #10149

View | Details | Raw Unified | Return to bug 10149
Collapse All | Expand All




static inline uintptr_t __attribute__ ((always_inline))
_dl_setup_stack_chk_guard (void *dl_random)
{
  uintptr_t ret = 0;
  /* Having a leading zero byte protects the stack guard from
     being exposed by an unterminated str* read operation. */
  unsigned char *p = ((unsigned char *) &ret) + 1;
  int size = sizeof (ret) - 1;
#ifndef __ASSUME_AT_RANDOM
  if (__builtin_expect (dl_random == NULL, 0))
    {

      int fd = __open ("/dev/urandom", O_RDONLY);
      if (fd >= 0)
	{
	  ssize_t reslen = __read (fd, p, size);
	  __close (fd);
	  if (reslen == (ssize_t) size)
	    return ret;
	}
# endif
      /* Lacking any other form of randomized stack guard, add other
         terminators in an attempt to block things like fgets, etc. */
      p[size - 1] = 255;
      p[size - 2] = '\n';
    }
  else
#endif
    /* We need in the moment only 8 bytes on 32-bit platforms and 16
       bytes on 64-bit platforms.  Therefore we can use the data
       directly and not use the kernel-provided data to seed a PRNG.  */
    memcpy (p, dl_random, size);
  return ret;
}


Return to bug 10149

Lines 62-68 Link Here

(-)a/sysdeps/unix/sysv/linux/dl-osinfo.h (-8 / +12 lines)
62	static inline uintptr_t __attribute__ ((always_inline))	62	static inline uintptr_t __attribute__ ((always_inline))
63	_dl_setup_stack_chk_guard (void *dl_random)	63	_dl_setup_stack_chk_guard (void *dl_random)
64	{	64	{
65	uintptr_t ret;	65	uintptr_t ret = 0;
		66	/* Having a leading zero byte protects the stack guard from
		67	being exposed by an unterminated str* read operation. */
		68	unsigned char p = ((unsigned char ) &ret) + 1;
		69	int size = sizeof (ret) - 1;
66	#ifndef __ASSUME_AT_RANDOM	70	#ifndef __ASSUME_AT_RANDOM
67	if (__builtin_expect (dl_random == NULL, 0))	71	if (__builtin_expect (dl_random == NULL, 0))
68	{	72	{
Lines 70-92 Link Here
70	int fd = __open ("/dev/urandom", O_RDONLY);	74	int fd = __open ("/dev/urandom", O_RDONLY);
71	if (fd >= 0)	75	if (fd >= 0)
72	{	76	{
73	ssize_t reslen = __read (fd, &ret, sizeof (ret));	77	ssize_t reslen = __read (fd, p, size);
74	__close (fd);	78	__close (fd);
75	if (reslen == (ssize_t) sizeof (ret))	79	if (reslen == (ssize_t) size)
76	return ret;	80	return ret;
77	}	81	}
78	# endif	82	# endif
79	ret = 0;	83	/* Lacking any other form of randomized stack guard, add other
80	unsigned char p = (unsigned char ) &ret;	84	terminators in an attempt to block things like fgets, etc. */
81	p[sizeof (ret) - 1] = 255;	85	p[size - 1] = 255;
82	p[sizeof (ret) - 2] = '\n';	86	p[size - 2] = '\n';
83	}	87	}
84	else	88	else
85	#endif	89	#endif
86	/* We need in the moment only 8 bytes on 32-bit platforms and 16	90	/* We need in the moment only 8 bytes on 32-bit platforms and 16
87	bytes on 64-bit platforms. Therefore we can use the data	91	bytes on 64-bit platforms. Therefore we can use the data
88	directly and not use the kernel-provided data to seed a PRNG. */	92	directly and not use the kernel-provided data to seed a PRNG. */
89	memcpy (&ret, dl_random, sizeof (ret));	93	memcpy (p, dl_random, size);
90	return ret;	94	return ret;
91	}	95	}
92		96