mirror of
https://github.com/NLnetLabs/unbound.git
synced 2024-09-21 22:57:08 +00:00
- Fix #30: AddressSanitizer finding in lookup3.c.
This sets the hash function to use a slower but better auditable code that does not read beyond array boundaries. This makes code better security checkable, and is better for security. It is fixed to be slower, but not read outside of the array.
This commit is contained in:
parent
9b7843f879
commit
f1c23891ab
@ -1,5 +1,10 @@
|
||||
6 May 2019: Wouter
|
||||
- Fix #29: Solaris 11.3 and missing symbols be64toh, htobe64.
|
||||
- Fix #30: AddressSanitizer finding in lookup3.c. This sets the
|
||||
hash function to use a slower but better auditable code that does
|
||||
not read beyond array boundaries. This makes code better security
|
||||
checkable, and is better for security. It is fixed to be slower,
|
||||
but not read outside of the array.
|
||||
|
||||
2 May 2019: Wouter
|
||||
- contrib/fastrpz.patch updated for code changes, and with git diff.
|
||||
|
@ -1,4 +1,7 @@
|
||||
/*
|
||||
May 2019(Wouter: patch to enable the valgrind clean implementation all the
|
||||
time. This enabled better security audit and checks, which is better
|
||||
than the speedup. Git issue #30. Renamed the define ARRAY_CLEAN_ACCESS.
|
||||
February 2013(Wouter) patch defines for BSD endianness, from Brad Smith.
|
||||
January 2012(Wouter) added randomised initial value, fallout from 28c3.
|
||||
March 2007(Wouter) adapted from lookup3.c original, add config.h include.
|
||||
@ -44,6 +47,7 @@ on 1 byte), but shoehorning those bytes into integers efficiently is messy.
|
||||
-------------------------------------------------------------------------------
|
||||
*/
|
||||
/*#define SELF_TEST 1*/
|
||||
#define ARRAY_CLEAN_ACCESS 1
|
||||
|
||||
#include "config.h"
|
||||
#include "util/storage/lookup3.h"
|
||||
@ -336,7 +340,7 @@ uint32_t hashlittle( const void *key, size_t length, uint32_t initval)
|
||||
u.ptr = key;
|
||||
if (HASH_LITTLE_ENDIAN && ((u.i & 0x3) == 0)) {
|
||||
const uint32_t *k = (const uint32_t *)key; /* read 32-bit chunks */
|
||||
#ifdef VALGRIND
|
||||
#ifdef ARRAY_CLEAN_ACCESS
|
||||
const uint8_t *k8;
|
||||
#endif
|
||||
|
||||
@ -361,7 +365,7 @@ uint32_t hashlittle( const void *key, size_t length, uint32_t initval)
|
||||
* still catch it and complain. The masking trick does make the hash
|
||||
* noticeably faster for short strings (like English words).
|
||||
*/
|
||||
#ifndef VALGRIND
|
||||
#ifndef ARRAY_CLEAN_ACCESS
|
||||
|
||||
switch(length)
|
||||
{
|
||||
|
Loading…
Reference in New Issue
Block a user