diff options
| author | Florian Weimer <fweimer@redhat.com> | 2024-12-10 16:17:06 +0100 |
|---|---|---|
| committer | Florian Weimer <fweimer@redhat.com> | 2024-12-11 17:49:04 +0100 |
| commit | 4f5704ea347e52ac3f272d1341da10aed6e9973e (patch) | |
| tree | 507d1eee3b2833b08a6dd1bd50d4279e1b531dc3 /stdlib | |
| parent | b79f25753346a577c9ba0a3dca69bd9d9d72a020 (diff) | |
| download | glibc-4f5704ea347e52ac3f272d1341da10aed6e9973e.zip glibc-4f5704ea347e52ac3f272d1341da10aed6e9973e.tar.gz glibc-4f5704ea347e52ac3f272d1341da10aed6e9973e.tar.bz2 | |
powerpc: Use correct procedure call standard for getrandom vDSO call (bug 32440)
A plain indirect function call does not work on POWER because
success and failure are signaled through a flag register, and
not via the usual Linux negative return value convention.
This has potential security impact, in two ways: the return value
could be out of bounds (EAGAIN is 11 on powerpc6le), and no
random bytes have been written despite the non-error return value.
Fixes commit 461cab1de747f3842f27a5d24977d78d561d45f9 ("linux: Add
support for getrandom vDSO").
Reported-by: Ján Stanček <jstancek@redhat.com>
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
Diffstat (limited to 'stdlib')
| -rw-r--r-- | stdlib/Makefile | 1 | ||||
| -rw-r--r-- | stdlib/tst-getrandom-errno.c | 37 |
2 files changed, 38 insertions, 0 deletions
diff --git a/stdlib/Makefile b/stdlib/Makefile index 370cfa5..178151a 100644 --- a/stdlib/Makefile +++ b/stdlib/Makefile @@ -281,6 +281,7 @@ tests := \ tst-getenv-thread \ tst-getenv-unsetenv \ tst-getrandom \ + tst-getrandom-errno \ tst-getrandom2 \ tst-labs \ tst-limits \ diff --git a/stdlib/tst-getrandom-errno.c b/stdlib/tst-getrandom-errno.c new file mode 100644 index 0000000..75a60e5 --- /dev/null +++ b/stdlib/tst-getrandom-errno.c @@ -0,0 +1,37 @@ +/* Test errno handling in getrandom (bug 32440). + Copyright (C) 2024 Free Software Foundation, Inc. + This file is part of the GNU C Library. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with the GNU C Library; if not, see + <https://www.gnu.org/licenses/>. */ + +#include <errno.h> +#include <stdlib.h> +#include <support/check.h> +#include <sys/random.h> + +static +int do_test (void) +{ + errno = -1181968554; /* Just a random value. */ + char buf[4]; + int ret = getrandom (buf, sizeof (buf), -1); /* All flags set. */ + if (errno != ENOSYS) + TEST_COMPARE (errno, EINVAL); + TEST_COMPARE (ret, -1); + + return 0; +} + +#include <support/test-driver.c> |