jeltz/hostap
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity
hostap/src/crypto
History
Nick Kralevich d447cd596f Updates for stricter automatic memcpy bounds checking 
Both Android's libc and glibc support _FORTIFY_SOURCE, a compiler
and libc feature which inserts automatic bounds checking into
common C functions such as memcpy() and strcpy(). If a buffer
overflow occurs when calling a hardened libc function, the
automatic bounds checking will safely shutdown the program and
prevent memory corruption.

Android is experimenting with _FORTIFY_SOURCE=3, a new fortify
level which enhances memcpy() to prevent overflowing an element
of a struct. Under the enhancements, code such as

  struct foo {
    char empty[0];
    char one[1];
    char a[10];
    char b[10];
  };

  int main() {
    foo myfoo;
    int n = atoi("11");
    memcpy(myfoo.a, "01234567890123456789", n);
    return 0;
  }

will cleanly crash when the memcpy() call is made.

Fixup hostap code to support the new level. Specifically:

* Fixup sha1_transform so it works with the enhanced bounds checking.
The old memcpy() code was attempting to write to context.h0, but that
structure element is too small and the write was extending (by design)
into h1, h2, h3, and h4. Use explicit assignments instead of
overflowing the struct element.

* Modify most of the structures in ieee802_11_defs.h to use ISO C99
flexible array members (https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html)
instead of a zero length array. Zero length arrays have zero length,
and any attempt to call memcpy() on such elements will always overflow.
Flexible array members have no such limitation. The only element not
adjusted is probe_req, since doing so will generate a compile time error,
and it's not obvious to me how to fix it.

Signed-off-by: Nick Kralevich <nnk@google.com>
2015-04-13 14:01:40 +03:00
..
.gitignore Add rules for building src/crypto as a library 2009-12-05 22:03:46 +02:00
aes-cbc.c Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
aes-ccm.c AES-CCM: Use os_memcmp_const() for hash/password comparisons 2014-07-02 12:38:47 +03:00
aes-ctr.c Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
aes-eax.c crypto: Clear temporary heap allocations before freeing 2015-01-06 02:49:13 +02:00
aes-encblock.c Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
aes-gcm.c AES-GCM: Use os_memcmp_const() for hash/password comparisons 2014-07-02 12:38:47 +03:00
aes-internal-dec.c Add support for using 192-bit and 256-bit keys with AES-GCM 2012-09-09 13:30:51 +03:00
aes-internal-enc.c Add support for using 192-bit and 256-bit keys with AES-GCM 2012-09-09 13:30:51 +03:00
aes-internal.c Add support for using 192-bit and 256-bit keys with AES-GCM 2012-09-09 13:30:51 +03:00
aes-omac1.c Extend AES-CMAC routines to support 256-bit keys 2015-01-24 19:37:42 +02:00
aes-siv.c crypto: Clear temporary heap allocations before freeing 2015-01-06 02:49:13 +02:00
aes-unwrap.c AES: Extend key wrap implementation to support longer data 2014-10-07 14:57:10 +03:00
aes-wrap.c AES: Extend key wrap implementation to support longer data 2014-10-07 14:57:10 +03:00
aes.h Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
aes_i.h Add support for using 192-bit and 256-bit keys with AES-GCM 2012-09-09 13:30:51 +03:00
aes_siv.h Implement RFC 5297 AES-SIV 2014-10-19 12:43:38 +03:00
aes_wrap.h Extend AES-CMAC routines to support 256-bit keys 2015-01-24 19:37:42 +02:00
crypto.h Add function for building RSA public key from n and e parameters 2014-05-19 23:27:30 +03:00
crypto_gnutls.c Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
crypto_internal-cipher.c Fix AES block size handling for internal cipher 2012-09-09 14:12:59 +03:00
crypto_internal-modexp.c Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
crypto_internal-rsa.c Add function for building RSA public key from n and e parameters 2014-05-19 23:27:30 +03:00
crypto_internal.c Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
crypto_libtomcrypt.c Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
crypto_module_tests.c tests: Fix crypto module test build without EAP-FAST 2015-01-12 00:19:21 +02:00
crypto_none.c Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
crypto_openssl.c OpenSSL: Implement AES-128 CBC using EVP API 2015-03-29 20:30:58 +03:00
des-internal.c Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
des_i.h Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
dh_group5.c Add dh5_init_fixed() to allow fixed DH parameters to be used 2012-06-27 21:22:12 +03:00
dh_group5.h Add dh5_init_fixed() to allow fixed DH parameters to be used 2012-06-27 21:22:12 +03:00
dh_groups.c DH: Clear memory explicitly on private key deinit 2015-01-05 18:03:40 +02:00
dh_groups.h Add Diffie-Hellman group definitions for MODP groups in RFC 5114 2013-01-12 17:51:54 +02:00
fips_prf_internal.c Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
fips_prf_openssl.c Updates for stricter automatic memcpy bounds checking 2015-04-13 14:01:40 +03:00
Makefile Implement RFC 5297 AES-SIV 2014-10-19 12:43:38 +03:00
md4-internal.c Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
md5-internal.c Hide strict-aliasing warning with gcc 4.7 2012-11-11 20:29:20 +02:00
md5.c crypto: Clear temporary stack buffers after use 2015-01-06 02:49:13 +02:00
md5.h FIPS: Remove md5-non-fips.c 2012-08-19 16:53:15 +03:00
md5_i.h Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
milenage.c Milenage: Use os_memcmp_const() for hash/password comparisons 2014-07-02 12:38:47 +03:00
milenage.h Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
ms_funcs.c ms_funcs: Make challenge_hash() non-static 2015-03-29 22:27:00 +03:00
ms_funcs.h ms_funcs: Make challenge_hash() non-static 2015-03-29 22:27:00 +03:00
random.c Clean up debug prints to use wpa_printf() 2014-12-26 13:20:57 +02:00
random.h Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
rc4.c Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
sha1-internal.c Use internal FIPS 186-2 PRF if needed 2014-03-11 16:44:22 +02:00
sha1-pbkdf2.c Convert remaining SSID routines from char* to u8* 2012-08-07 16:07:25 +03:00
sha1-prf.c crypto: Clear temporary stack buffers after use 2015-01-06 02:49:13 +02:00
sha1-tlsprf.c Explicitly clear temporary stack buffers in tls_prf_sha1_md5() 2015-03-29 16:43:03 +03:00
sha1-tprf.c Explicitly clear temporary stack buffer in sha1_t_prf() 2015-03-29 16:40:55 +03:00
sha1.c crypto: Clear temporary stack buffers after use 2015-01-06 02:49:13 +02:00
sha1.h Convert remaining SSID routines from char* to u8* 2012-08-07 16:07:25 +03:00
sha1_i.h Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
sha256-internal.c Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
sha256-kdf.c Explicitly clear temporary stack buffer in hmac_sha256_kdf() 2015-03-29 16:38:37 +03:00
sha256-prf.c crypto: Clear temporary stack buffers after use 2015-01-06 02:49:13 +02:00
sha256-tlsprf.c Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
sha256.c OpenSSL: Implement SHA256 HMAC functions using HMAC API 2012-08-16 22:34:35 +03:00
sha256.h ERP: Add HMAC-SHA256 KDF (RFC 5295) 2014-12-04 12:08:59 +02:00
sha256_i.h Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
sha384.h Add HMAC-SHA384 2015-01-27 01:26:51 +02:00
tls.h Make tls_connection_get_keyblock_size() internal to tls_*.c 2015-04-01 12:56:54 +03:00
tls_gnutls.c Make tls_connection_get_keyblock_size() internal to tls_*.c 2015-04-01 12:56:54 +03:00
tls_internal.c TLS: Fix memory leaks on tls_connection_set_params() error paths 2015-04-01 12:57:11 +03:00
tls_none.c Make tls_connection_get_keyblock_size() internal to tls_*.c 2015-04-01 12:56:54 +03:00
tls_openssl.c Make tls_connection_get_keyblock_size() internal to tls_*.c 2015-04-01 12:56:54 +03:00