port to xorg-server 1.10: -- Log Message: apply https://cgit.freedesktop.org/xorg/xserver/commit/?id=d7ac755f0b618eb1259d93c8a16ec6e39a18627c Use timingsafe_memcmp() to compare MIT-MAGIC-COOKIES CVE-2017-2624 Provide the function definition for systems that don't have it. Signed-off-by: Matthieu Herrb <matthieu@herrb.eu> Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com> and https://cgit.freedesktop.org/xorg/xserver/commit/?id=5c44169caed811e59a65ba346de1cadb46d266ec os: Squash missing declaration warning for timingsafe_memcmp timingsafe_memcmp.c:21:1: warning: no previous prototype for `timingsafe_memcmp' [-Wmissing-prototypes] timingsafe_memcmp(const void *b1, const void *b2, size_t len) Signed-off-by: Adam Jackson <ajax@redhat.com> --diff -r1.1.1.1 -r1.2 xsrc/external/mit/xorg-server.old/dist/include/dix-config.h.in
(mrg)
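--- a/xsrc/external/mit/xorg-server.old/dist/include/dix-config.h.in
+++ b/xsrc/external/mit/xorg-server.old/dist/include/dix-config.h.in
@@ -218,26 +218,29 @@
 
 /* Define to 1 if you have the <sys/stat.h> header file. */
 #undef HAVE_SYS_STAT_H
 
 /* Define to 1 if you have the <sys/types.h> header file. */
 #undef HAVE_SYS_TYPES_H
 
 /* Define to 1 if you have the <sys/utsname.h> header file. */
 #undef HAVE_SYS_UTSNAME_H
 
 /* Define to 1 if you have the <sys/vm86.h> header file. */
 #undef HAVE_SYS_VM86_H
 
+/* Define to 1 if you have the `timingsafe_memcmp' function. */
+#undef HAVE_TIMINGSAFE_MEMCMP
+
 /* Define to 1 if you have the <tslib.h> header file. */
 #undef HAVE_TSLIB_H
 
 /* Define to 1 if you have the <unistd.h> header file. */
 #undef HAVE_UNISTD_H
 
 /* Define to 1 if you have the <fnmatch.h> header file. */
 #undef HAVE_FNMATCH_H
 
 /* Have /dev/urandom */
 #undef HAVE_URANDOM
 
 /* Define to 1 if you have the `vprintf' function. */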
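--- a/xsrc/external/mit/xorg-server.old/dist/include/os.h
+++ b/xsrc/external/mit/xorg-server.old/dist/include/os.h
@@ -485,26 +485,31 @@ extern _X_EXPORT int xstrcasecmp(const c
 extern _X_EXPORT int xstrncasecmp(const char *s1, const char *s2, size_t n);
 #endif
 
 #if NEED_STRCASESTR
 #define strcasestr xstrcasestr
 extern _X_EXPORT char *xstrcasestr(const char *s, const char *find);
 #endif
 
 #ifndef HAS_STRLCPY
 extern _X_EXPORT size_t strlcpy(char *dst, const char *src, size_t siz);
 extern _X_EXPORT size_t strlcat(char *dst, const char *src, size_t siz);
 #endif
 
+#ifndef HAVE_TIMINGSAFE_MEMCMP
+extern _X_EXPORT int
+timingsafe_memcmp(const void *b1, const void *b2, size_t len);
+#endif
+
 /* Logging. */
 typedef enum _LogParameter {
 XLOG_FLUSH,
 XLOG_SYNC,
 XLOG_VERBOSITY,
 XLOG_FILE_VERBOSITY
 } LogParameter;
 
 /* Flags for log messages. */
 typedef enum {
 X_PROBED, /* Value was probed */
 X_CONFIG, /* Value was given in the config file */
 X_DEFAULT, /* Value is a default */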
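Review bot: The new `timingsafe_memcmp` prototype carries no comment, although it is the one declaration in this block whose purpose a reader used to memcmp() cannot guess from the signature. I would add above the `#ifndef`: `/* Constant-time byte comparison for secrets; fallback for systems whose libc lacks timingsafe_memcmp(). */`. The guard tests `HAVE_TIMINGSAFE_MEMCMP`, which the other sections of this commit define in dix-config.h, so os.h presumably relies on that header being included first; that is worth confirming for any file that includes os.h on its own.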
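--- a/xsrc/external/mit/xorg-server.old/dist/os/mitauth.c
+++ b/xsrc/external/mit/xorg-server.old/dist/os/mitauth.c
@@ -72,27 +72,27 @@ MitAddCookie (
 }
 
 XID
 MitCheckCookie (
 unsigned short data_length,
 const char *data,
 ClientPtr client,
 char **reason)
 {
 struct auth *auth;
 
 for (auth = mit_auth; auth; auth=auth->next) {
 if (data_length == auth->len &&
-memcmp (data, auth->data, (int) data_length) == 0)
+timingsafe_memcmp(data, auth->data, (int) data_length) == 0)
 return auth->id;
 }
 *reason = "Invalid MIT-MAGIC-COOKIE-1 key";
 return (XID) -1;
 }
 
 int
 MitResetCookie (void)
 {
 struct auth *auth, *next;
 
 for (auth = mit_auth; auth; auth=next) {
 next = auth->next;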
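Review bot: The `(int)` cast on the length argument in MitCheckCookie is left over from the memcmp() call and no longer matches the `size_t len` parameter that os.h declares for timingsafe_memcmp(). Since `data_length` is an `unsigned short` the value is unaffected, but the line would read more cleanly as `timingsafe_memcmp(data, auth->data, data_length) == 0)`. A one-line comment above the comparison, for example `/* constant-time compare: must not reveal how many cookie bytes matched */`, would stop a later cleanup from turning it back into memcmp(). The `data_length == auth->len` test still short-circuits, which exposes only the cookie length and not its content. MitResetCookie's body continues outside the hunk.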
/*
* Copyright (c) 2014 Google Inc.
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
#include <limits.h>
#include <string.h>
#include <X11/Xfuncproto.h>
#include <dix-config.h>
#include "os.h"
/*
 * timingsafe_memcmp - compare two byte buffers without an early exit.
 *
 * Every one of the len bytes of b1 and b2 is visited; the loop contains no
 * break and no branch on the byte values, so at source level the work done
 * depends on len only, not on the position of the first mismatch.  The
 * commit this file belongs to uses it for MIT-MAGIC-COOKIE comparison
 * (CVE-2017-2624), where an ordinary memcmp() may stop at the first
 * differing byte.
 *
 * b1, b2: buffers to compare, read as unsigned char.
 * len:    number of bytes to compare in each buffer.
 *
 * Returns 0 if the buffers are equal (including len == 0), -1 if the first
 * differing byte is smaller in b1, and 1 if it is larger in b1.
 *
 * NOTE(review): the lt/gt masks depend on >> of a negative int being an
 * arithmetic shift, which ISO C leaves implementation-defined; confirm for
 * the target compiler.  Nothing in this file prevents an optimizer from
 * restructuring the loop, so the constant-time property should be checked
 * on the generated code rather than assumed.
 */
int
timingsafe_memcmp(const void *b1, const void *b2, size_t len)
{
const unsigned char *p1 = b1, *p2 = b2;
size_t i;
/* res holds the result; done becomes all-ones once a mismatch is seen. */
int res = 0, done = 0;
/* No early exit: the loop always runs len iterations. */
for (i = 0; i < len; i++) {
/* lt is -1 if p1[i] < p2[i]; else 0. */
int lt = (p1[i] - p2[i]) >> CHAR_BIT;
/* gt is -1 if p1[i] > p2[i]; else 0. */
int gt = (p2[i] - p1[i]) >> CHAR_BIT;
/* cmp is 1 if p1[i] > p2[i]; -1 if p1[i] < p2[i]; else 0. */
int cmp = lt - gt;
/* set res = cmp if !done. */
/* Masking with ~done replaces an `if`: later bytes cannot change res. */
res |= cmp & ~done;
/* set done if p1[i] != p2[i]. */
done |= lt | gt;
}
return (res);
}
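--- a/xsrc/external/mit/xorg-server.old/include/dix-config.h
+++ b/xsrc/external/mit/xorg-server.old/include/dix-config.h
@@ -219,26 +219,29 @@
 
 /* Define to 1 if you have the <sys/stat.h> header file. */
 #define HAVE_SYS_STAT_H 1
 
 /* Define to 1 if you have the <sys/types.h> header file. */
 #define HAVE_SYS_TYPES_H 1
 
 /* Define to 1 if you have the <sys/utsname.h> header file. */
 #define HAVE_SYS_UTSNAME_H 1
 
 /* Define to 1 if you have the <sys/vm86.h> header file. */
 /* #undef HAVE_SYS_VM86_H */
 
+/* Define to 1 if you have the `timingsafe_memcmp' function. */
+/* #undef HAVE_TIMINGSAFE_MEMCMP */
+
 /* Define to 1 if you have the <tslib.h> header file. */
 /* #undef HAVE_TSLIB_H */
 
 /* Define to 1 if you have the <unistd.h> header file. */
 #define HAVE_UNISTD_H 1
 
 /* Define to 1 if you have the <fnmatch.h> header file. */
 #define HAVE_FNMATCH_H 1
 
 /* Have /dev/urandom */
 /* #undef HAVE_URANDOM */
 
 /* Define to 1 if you have the `vprintf' function. */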