Blame SOURCES/0023-Ticket-49424-Resolve-csiphash-alignment-issues.patch

b045b9
From 5909e20899334816f36cac0e47105e56df52ad3c Mon Sep 17 00:00:00 2001
b045b9
From: William Brown <firstyear@redhat.com>
b045b9
Date: Mon, 30 Oct 2017 12:01:34 +1000
b045b9
Subject: [PATCH] Ticket 49424 - Resolve csiphash alignment issues
b045b9
b045b9
Bug Description:  On some platforms, uint64_t is not the same size
b045b9
as a void * - as well, if the input is not aligned correctly, then
b045b9
a number of nasty crashes can result
b045b9
b045b9
Fix Description:  Instead of relying on alignment to be correct,
b045b9
we should memcpy the data to inputs instead.
b045b9
b045b9
https://pagure.io/389-ds-base/issue/49424
b045b9
b045b9
Author: wibrown
b045b9
b045b9
Review by: lslebodn, cgrzemba, vashirov, mreynolds (Thanks!)
b045b9
b045b9
(cherry picked from commit 751446440f5269a246e6e652a64e63aa5933734a)
b045b9
---
b045b9
 src/libsds/external/csiphash/csiphash.c | 52 +++++++++++++++++++--------------
b045b9
 src/libsds/test/test_sds_csiphash.c     | 43 +++++++++++++++++++++------
b045b9
 2 files changed, 64 insertions(+), 31 deletions(-)
b045b9
b045b9
diff --git a/src/libsds/external/csiphash/csiphash.c b/src/libsds/external/csiphash/csiphash.c
b045b9
index 0089c82f7..2351db6cf 100644
b045b9
--- a/src/libsds/external/csiphash/csiphash.c
b045b9
+++ b/src/libsds/external/csiphash/csiphash.c
b045b9
@@ -32,6 +32,9 @@
b045b9
 #include <inttypes.h>
b045b9
 #include <stddef.h> /* for size_t */
b045b9
 
b045b9
+#include <stdlib.h> /* calloc,free */
b045b9
+#include <string.h> /* memcpy */
b045b9
+
b045b9
 #include <config.h>
b045b9
 
b045b9
 #if defined(HAVE_SYS_ENDIAN_H)
b045b9
@@ -75,11 +78,24 @@
b045b9
 uint64_t
b045b9
 sds_siphash13(const void *src, size_t src_sz, const char key[16])
b045b9
 {
b045b9
-    const uint64_t *_key = (uint64_t *)key;
b045b9
+    uint64_t _key[2] = {0};
b045b9
+    memcpy(_key, key, 16);
b045b9
     uint64_t k0 = _le64toh(_key[0]);
b045b9
     uint64_t k1 = _le64toh(_key[1]);
b045b9
     uint64_t b = (uint64_t)src_sz << 56;
b045b9
-    const uint64_t *in = (uint64_t *)src;
b045b9
+
b045b9
+    size_t input_sz = (src_sz / sizeof(uint64_t)) + 1;
b045b9
+
b045b9
+    /* Account for non-uint64_t alligned input */
b045b9
+    /* Could make this stack allocation */
b045b9
+    uint64_t *in = calloc(1, input_sz * sizeof(uint64_t));
b045b9
+    /*
b045b9
+     * Because all crypto code sucks, they modify *in
b045b9
+     * during operation, so we stash a copy of the ptr here.
b045b9
+     * alternately, we could use stack allocated array, but gcc
b045b9
+     * will complain about the vla being unbounded.
b045b9
+     */
b045b9
+    uint64_t *in_ptr = memcpy(in, src, src_sz);
b045b9
 
b045b9
     uint64_t v0 = k0 ^ 0x736f6d6570736575ULL;
b045b9
     uint64_t v1 = k1 ^ 0x646f72616e646f6dULL;
b045b9
@@ -96,27 +112,15 @@ sds_siphash13(const void *src, size_t src_sz, const char key[16])
b045b9
         v0 ^= mi;
b045b9
     }
b045b9
 
b045b9
+    /*
b045b9
+     * Because we allocate in as size + 1, we can over-read 0
b045b9
+     * for this buffer to be padded correctly. in here is a pointer to the
b045b9
+     * excess data because the while loop above increments the in pointer
b045b9
+     * to point to the excess once src_sz drops < 8.
b045b9
+     */
b045b9
     uint64_t t = 0;
b045b9
-    uint8_t *pt = (uint8_t *)&t;
b045b9
-    uint8_t *m = (uint8_t *)in;
b045b9
-
b045b9
-    switch (src_sz) {
b045b9
-    case 7:
b045b9
-        pt[6] = m[6]; /* FALLTHRU */
b045b9
-    case 6:
b045b9
-        pt[5] = m[5]; /* FALLTHRU */
b045b9
-    case 5:
b045b9
-        pt[4] = m[4]; /* FALLTHRU */
b045b9
-    case 4:
b045b9
-        *((uint32_t *)&pt[0]) = *((uint32_t *)&m[0]);
b045b9
-        break;
b045b9
-    case 3:
b045b9
-        pt[2] = m[2]; /* FALLTHRU */
b045b9
-    case 2:
b045b9
-        pt[1] = m[1]; /* FALLTHRU */
b045b9
-    case 1:
b045b9
-        pt[0] = m[0]; /* FALLTHRU */
b045b9
-    }
b045b9
+    memcpy(&t, in, sizeof(uint64_t));
b045b9
+
b045b9
     b |= _le64toh(t);
b045b9
 
b045b9
     v3 ^= b;
b045b9
@@ -126,5 +130,9 @@ sds_siphash13(const void *src, size_t src_sz, const char key[16])
b045b9
     v2 ^= 0xff;
b045b9
     // dround
b045b9
     dROUND(v0, v1, v2, v3);
b045b9
+
b045b9
+    free(in_ptr);
b045b9
+
b045b9
     return (v0 ^ v1) ^ (v2 ^ v3);
b045b9
 }
b045b9
+
b045b9
diff --git a/src/libsds/test/test_sds_csiphash.c b/src/libsds/test/test_sds_csiphash.c
b045b9
index cdb6b7f46..cc9a6b2b5 100644
b045b9
--- a/src/libsds/test/test_sds_csiphash.c
b045b9
+++ b/src/libsds/test/test_sds_csiphash.c
b045b9
@@ -25,23 +25,48 @@
b045b9
 static void
b045b9
 test_siphash(void **state __attribute__((unused)))
b045b9
 {
b045b9
-
b045b9
-    //
b045b9
     uint64_t value = 0;
b045b9
     uint64_t hashout = 0;
b045b9
     char key[16] = {0};
b045b9
 
b045b9
-    uint64_t test_a = 15794382300316794652U;
b045b9
-    uint64_t test_b = 13042610424265326907U;
b045b9
+    uint64_t test_simple = 15794382300316794652U;
b045b9
 
b045b9
-    // Initial simple test
b045b9
+    /* Initial simple test */
b045b9
     value = htole64(5);
b045b9
     hashout = sds_siphash13(&value, sizeof(uint64_t), key);
b045b9
-    assert_true(hashout == test_a);
b045b9
+    assert_int_equal(hashout, test_simple);
b045b9
+
b045b9
+    /* Test a range of input sizes to check endianness behaviour */
b045b9
+
b045b9
+    hashout = sds_siphash13("a", 1, key);
b045b9
+    assert_int_equal(hashout, 0x407448d2b89b1813U);
b045b9
+
b045b9
+    hashout = sds_siphash13("aa", 2, key);
b045b9
+    assert_int_equal(hashout, 0x7910e0436ed8d1deU);
b045b9
+
b045b9
+    hashout = sds_siphash13("aaa", 3, key);
b045b9
+    assert_int_equal(hashout, 0xf752893a6c769652U);
b045b9
+
b045b9
+    hashout = sds_siphash13("aaaa", 4, key);
b045b9
+    assert_int_equal(hashout, 0x8b02350718d87164U);
b045b9
+
b045b9
+    hashout = sds_siphash13("aaaaa", 5, key);
b045b9
+    assert_int_equal(hashout, 0x92a991474c7eef2U);
b045b9
+
b045b9
+    hashout = sds_siphash13("aaaaaa", 6, key);
b045b9
+    assert_int_equal(hashout, 0xf0ab815a640277ccU);
b045b9
+
b045b9
+    hashout = sds_siphash13("aaaaaaa", 7, key);
b045b9
+    assert_int_equal(hashout, 0x33f3c6d7dbc82c0dU);
b045b9
+
b045b9
+    hashout = sds_siphash13("aaaaaaaa", 8, key);
b045b9
+    assert_int_equal(hashout, 0xc501b12e18428c92U);
b045b9
+
b045b9
+    hashout = sds_siphash13("aaaaaaaabbbb", 12, key);
b045b9
+    assert_int_equal(hashout, 0xcddca673069ade64U);
b045b9
 
b045b9
-    char *test = "abc";
b045b9
-    hashout = sds_siphash13(test, 4, key);
b045b9
-    assert_true(hashout == test_b);
b045b9
+    hashout = sds_siphash13("aaaaaaaabbbbbbbb", 16, key);
b045b9
+    assert_int_equal(hashout, 0xdc54f0bfc0e1deb0U);
b045b9
 }
b045b9
 
b045b9
 int
b045b9
-- 
b045b9
2.13.6
b045b9