summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDavid Kalnischkies <david@kalnischkies.de>2016-08-31 10:11:07 +0200
committerJulian Andres Klode <jak@debian.org>2016-10-05 21:53:38 +0200
commit3b4a7c7da916ad9584af34d535ebac37f3b338a0 (patch)
treea55f2ddbe5c2880bb50611c6d426db5b344f5c75
parent2ce2ada40aa93ca5d31fb9dd0ca8d78df5751227 (diff)
try not to call memcpy with length 0 in hash calculations
memcpy is marked as nonnull for its input, but ignores the input anyhow if the declared length is zero. Our SHA2 implementations do this as well, it was "just" MD5 and SHA1 missing, so we add the length check here as well as along the callstack as it is really pointless to do all these method calls for "nothing". Reported-By: gcc -fsanitize=undefined (cherry picked from commit 644478e8db56f305601c3628a74e53de048b28c8)
-rw-r--r--apt-pkg/contrib/hashes.cc2
-rw-r--r--apt-pkg/contrib/hashes.h8
-rw-r--r--apt-pkg/contrib/hashsum_template.h12
-rw-r--r--apt-pkg/contrib/md5.cc2
-rw-r--r--apt-pkg/contrib/md5.h2
-rw-r--r--apt-pkg/contrib/sha1.cc2
-rw-r--r--apt-pkg/contrib/sha1.h2
-rw-r--r--apt-pkg/contrib/sha2.h6
-rw-r--r--methods/rred.cc9
9 files changed, 26 insertions, 19 deletions
diff --git a/apt-pkg/contrib/hashes.cc b/apt-pkg/contrib/hashes.cc
index 755ad2035..662c2bf8b 100644
--- a/apt-pkg/contrib/hashes.cc
+++ b/apt-pkg/contrib/hashes.cc
@@ -312,6 +312,8 @@ public:
// Hashes::Add* - Add the contents of data or FD /*{{{*/
bool Hashes::Add(const unsigned char * const Data, unsigned long long const Size)
{
+ if (Size == 0)
+ return true;
bool Res = true;
APT_IGNORE_DEPRECATED_PUSH
if ((d->CalcHashes & MD5SUM) == MD5SUM)
diff --git a/apt-pkg/contrib/hashes.h b/apt-pkg/contrib/hashes.h
index 9bfc32c54..1fe0afc00 100644
--- a/apt-pkg/contrib/hashes.h
+++ b/apt-pkg/contrib/hashes.h
@@ -195,11 +195,11 @@ class Hashes
static const int UntilEOF = 0;
- bool Add(const unsigned char * const Data, unsigned long long const Size);
- APT_DEPRECATED_MSG("Construct accordingly instead of choosing hashes while adding") bool Add(const unsigned char * const Data, unsigned long long const Size, unsigned int const Hashes);
- inline bool Add(const char * const Data)
+ bool Add(const unsigned char * const Data, unsigned long long const Size) APT_NONNULL(2);
+ APT_DEPRECATED_MSG("Construct accordingly instead of choosing hashes while adding") bool Add(const unsigned char * const Data, unsigned long long const Size, unsigned int const Hashes) APT_NONNULL(2);
+ inline bool Add(const char * const Data) APT_NONNULL(2)
{return Add((unsigned char const * const)Data,strlen(Data));};
- inline bool Add(const unsigned char * const Beg,const unsigned char * const End)
+ inline bool Add(const unsigned char * const Beg,const unsigned char * const End) APT_NONNULL(2,3)
{return Add(Beg,End-Beg);};
enum SupportedHashes { MD5SUM = (1 << 0), SHA1SUM = (1 << 1), SHA256SUM = (1 << 2),
diff --git a/apt-pkg/contrib/hashsum_template.h b/apt-pkg/contrib/hashsum_template.h
index 4000f230d..e5032d02f 100644
--- a/apt-pkg/contrib/hashsum_template.h
+++ b/apt-pkg/contrib/hashsum_template.h
@@ -122,18 +122,18 @@ class HashSumValue
class SummationImplementation
{
public:
- virtual bool Add(const unsigned char *inbuf, unsigned long long inlen) = 0;
- inline bool Add(const char *inbuf, unsigned long long const inlen)
+ virtual bool Add(const unsigned char *inbuf, unsigned long long inlen) APT_NONNULL(2) = 0;
+ inline bool Add(const char *inbuf, unsigned long long const inlen) APT_NONNULL(2)
{ return Add((const unsigned char *)inbuf, inlen); }
- inline bool Add(const unsigned char *Data)
+ inline bool Add(const unsigned char *Data) APT_NONNULL(2)
{ return Add(Data, strlen((const char *)Data)); }
- inline bool Add(const char *Data)
+ inline bool Add(const char *Data) APT_NONNULL(2)
{ return Add((const unsigned char *)Data, strlen(Data)); }
- inline bool Add(const unsigned char *Beg, const unsigned char *End)
+ inline bool Add(const unsigned char *Beg, const unsigned char *End) APT_NONNULL(2,3)
{ return Add(Beg, End - Beg); }
- inline bool Add(const char *Beg, const char *End)
+ inline bool Add(const char *Beg, const char *End) APT_NONNULL(2,3)
{ return Add((const unsigned char *)Beg, End - Beg); }
bool AddFD(int Fd, unsigned long long Size = 0);
diff --git a/apt-pkg/contrib/md5.cc b/apt-pkg/contrib/md5.cc
index b487a96f9..ff7868fe2 100644
--- a/apt-pkg/contrib/md5.cc
+++ b/apt-pkg/contrib/md5.cc
@@ -187,6 +187,8 @@ bool MD5Summation::Add(const unsigned char *data,unsigned long long len)
{
if (Done == true)
return false;
+ if (len == 0)
+ return true;
uint32_t *buf = (uint32_t *)Buf;
uint32_t *bytes = (uint32_t *)Bytes;
diff --git a/apt-pkg/contrib/md5.h b/apt-pkg/contrib/md5.h
index a16ea4d2d..a286f092a 100644
--- a/apt-pkg/contrib/md5.h
+++ b/apt-pkg/contrib/md5.h
@@ -48,7 +48,7 @@ class MD5Summation : public SummationImplementation
public:
- bool Add(const unsigned char *inbuf, unsigned long long inlen) APT_OVERRIDE;
+ bool Add(const unsigned char *inbuf, unsigned long long inlen) APT_OVERRIDE APT_NONNULL(2);
using SummationImplementation::Add;
MD5SumValue Result();
diff --git a/apt-pkg/contrib/sha1.cc b/apt-pkg/contrib/sha1.cc
index bf6bc6cb6..298a7799b 100644
--- a/apt-pkg/contrib/sha1.cc
+++ b/apt-pkg/contrib/sha1.cc
@@ -243,6 +243,8 @@ bool SHA1Summation::Add(const unsigned char *data,unsigned long long len)
{
if (Done)
return false;
+ if (len == 0)
+ return true;
uint32_t *state = (uint32_t *)State;
uint32_t *count = (uint32_t *)Count;
diff --git a/apt-pkg/contrib/sha1.h b/apt-pkg/contrib/sha1.h
index 1c5cb5aa1..3387c1cfd 100644
--- a/apt-pkg/contrib/sha1.h
+++ b/apt-pkg/contrib/sha1.h
@@ -37,7 +37,7 @@ class SHA1Summation : public SummationImplementation
bool Done;
public:
- bool Add(const unsigned char *inbuf, unsigned long long inlen) APT_OVERRIDE;
+ bool Add(const unsigned char *inbuf, unsigned long long inlen) APT_OVERRIDE APT_NONNULL(2);
using SummationImplementation::Add;
SHA1SumValue Result();
diff --git a/apt-pkg/contrib/sha2.h b/apt-pkg/contrib/sha2.h
index 8b4bdd439..164840d3b 100644
--- a/apt-pkg/contrib/sha2.h
+++ b/apt-pkg/contrib/sha2.h
@@ -34,7 +34,7 @@ class SHA2SummationBase : public SummationImplementation
protected:
bool Done;
public:
- bool Add(const unsigned char *inbuf, unsigned long long len) APT_OVERRIDE = 0;
+ bool Add(const unsigned char *inbuf, unsigned long long len) APT_OVERRIDE APT_NONNULL(2) = 0;
void Result();
};
@@ -45,7 +45,7 @@ class SHA256Summation : public SHA2SummationBase
unsigned char Sum[32];
public:
- bool Add(const unsigned char *inbuf, unsigned long long len) APT_OVERRIDE
+ bool Add(const unsigned char *inbuf, unsigned long long len) APT_OVERRIDE APT_NONNULL(2)
{
if (Done)
return false;
@@ -78,7 +78,7 @@ class SHA512Summation : public SHA2SummationBase
unsigned char Sum[64];
public:
- bool Add(const unsigned char *inbuf, unsigned long long len) APT_OVERRIDE
+ bool Add(const unsigned char *inbuf, unsigned long long len) APT_OVERRIDE APT_NONNULL(2)
{
if (Done)
return false;
diff --git a/methods/rred.cc b/methods/rred.cc
index 2002da743..e2124fd05 100644
--- a/methods/rred.cc
+++ b/methods/rred.cc
@@ -336,7 +336,7 @@ class Patch {
FileChanges filechanges;
MemBlock add_text;
- static bool retry_fwrite(char *b, size_t l, FileFd &f, Hashes * const start_hash, Hashes * const end_hash = nullptr)
+ static bool retry_fwrite(char *b, size_t l, FileFd &f, Hashes * const start_hash, Hashes * const end_hash = nullptr) APT_NONNULL(1)
{
if (f.Write(b, l) == false)
return false;
@@ -386,8 +386,8 @@ class Patch {
}
}
- static void dump_mem(FileFd &o, char *p, size_t s, Hashes *hash) {
- retry_fwrite(p, s, o, hash);
+ static void dump_mem(FileFd &o, char *p, size_t s, Hashes *hash) APT_NONNULL(2) {
+ retry_fwrite(p, s, o, nullptr, hash);
}
public:
@@ -539,7 +539,8 @@ class Patch {
for (ch = filechanges.begin(); ch != filechanges.end(); ++ch) {
dump_lines(out, in, ch->offset, start_hash, end_hash);
skip_lines(in, ch->del_cnt, start_hash);
- dump_mem(out, ch->add, ch->add_len, end_hash);
+ if (ch->add_len != 0)
+ dump_mem(out, ch->add, ch->add_len, end_hash);
}
dump_rest(out, in, start_hash, end_hash);
out.Flush();