From 65c5d8ad7a46a83338c23dee66e208a014c3d3d2 Mon Sep 17 00:00:00 2001 From: Ulrich Sibiller Date: Fri, 3 Mar 2017 22:46:33 +0100 Subject: Backport CVE-2017-2624 (timingsafe_memcmp) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Fixes ArcticaProject/nx-libs#365 These two commits: commit 5c44169caed811e59a65ba346de1cadb46d266ec Author: Adam Jackson Date: Thu Mar 2 17:20:30 2017 -0500 os: Squash missing declaration warning for timingsafe_memcmp timingsafe_memcmp.c:21:1: warning: no previous prototype for ‘timingsafe_memcmp’ [-Wmissing-prototypes] timingsafe_memcmp(const void *b1, const void *b2, size_t len) Signed-off-by: Adam Jackson commit d7ac755f0b618eb1259d93c8a16ec6e39a18627c Author: Matthieu Herrb Date: Tue Feb 28 19:18:25 2017 +0100 Use timingsafe_memcmp() to compare MIT-MAGIC-COOKIES CVE-2017-2624 Provide the function definition for systems that don't have it. Signed-off-by: Matthieu Herrb --- nx-X11/programs/Xserver/os/Imakefile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'nx-X11/programs/Xserver/os/Imakefile') diff --git a/nx-X11/programs/Xserver/os/Imakefile b/nx-X11/programs/Xserver/os/Imakefile index 2abc1aff9..787a9ef2c 100644 --- a/nx-X11/programs/Xserver/os/Imakefile +++ b/nx-X11/programs/Xserver/os/Imakefile @@ -120,12 +120,12 @@ BOOTSTRAPCFLAGS = osinit.c utils.c log.c auth.c mitauth.c secauth.c \ $(XDMAUTHSRCS) $(RPCSRCS) xdmcp.c OtherSources \ xstrans.c $(SNPRINTF_SRCS) $(STRLCAT_SRCS) \ - $(REALLOCARRAY_SRCS) xprintf.c + $(REALLOCARRAY_SRCS) xprintf.c timingsafe_memcmp.c OBJS = WaitFor.o access.o connection.o io.o $(COLOR_OBJS) \ osinit.o utils.o log.o auth.o mitauth.o secauth.o \ $(XDMAUTHOBJS) $(RPCOBJS) xdmcp.o OtherObjects \ xstrans.o $(SNPRINTF_OBJS) $(STRLCAT_OBJS) \ - $(REALLOCARRAY_OBJS) xprintf.o + $(REALLOCARRAY_OBJS) xprintf.o timingsafe_memcmp.o #if UseMemLeak MEM_DEFINES = -DMEMBUG -- cgit v1.2.3 From 22f542626cf9935fd55a899e21144111e481542c Mon Sep 17 00:00:00 2001 From: Ulrich Sibiller Date: Sat, 4 Mar 2017 16:10:38 +0100 Subject: os: add timingsafe_memcmp to Imake There might be some library linking missing on platforms that deliver timingsafe_memcmp but I cannot test that here. --- nx-X11/programs/Xserver/os/Imakefile | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) (limited to 'nx-X11/programs/Xserver/os/Imakefile') diff --git a/nx-X11/programs/Xserver/os/Imakefile b/nx-X11/programs/Xserver/os/Imakefile index 787a9ef2c..8b260fa32 100644 --- a/nx-X11/programs/Xserver/os/Imakefile +++ b/nx-X11/programs/Xserver/os/Imakefile @@ -115,17 +115,22 @@ GETPEER_DEFINES = -DHAS_GETPEEREID # endif #endif +#if !HasTimingsafeMemcmp +TMEMCMP_SRCS = timingsafe_memcmp.c +TMEMCMP_OBJS = timingsafe_memcmp.o +#endif + BOOTSTRAPCFLAGS = SRCS = WaitFor.c access.c connection.c io.c $(COLOR_SRCS) \ osinit.c utils.c log.c auth.c mitauth.c secauth.c \ $(XDMAUTHSRCS) $(RPCSRCS) xdmcp.c OtherSources \ xstrans.c $(SNPRINTF_SRCS) $(STRLCAT_SRCS) \ - $(REALLOCARRAY_SRCS) xprintf.c timingsafe_memcmp.c + $(REALLOCARRAY_SRCS) xprintf.c $(TMEMCMP_SRCS) OBJS = WaitFor.o access.o connection.o io.o $(COLOR_OBJS) \ osinit.o utils.o log.o auth.o mitauth.o secauth.o \ $(XDMAUTHOBJS) $(RPCOBJS) xdmcp.o OtherObjects \ xstrans.o $(SNPRINTF_OBJS) $(STRLCAT_OBJS) \ - $(REALLOCARRAY_OBJS) xprintf.o timingsafe_memcmp.o + $(REALLOCARRAY_OBJS) xprintf.o $(TMEMCMP_OBJS) #if UseMemLeak MEM_DEFINES = -DMEMBUG -- cgit v1.2.3