diff --git a/doc/Changelog b/doc/Changelog
index d6eec9b2a..7b518ebfd 100644
--- a/doc/Changelog
+++ b/doc/Changelog
@@ -1,5 +1,10 @@
 6 May 2019: Wouter
 - Fix #29: Solaris 11.3 and missing symbols be64toh, htobe64.
+ - Fix #30: AddressSanitizer finding in lookup3.c. This sets the
+ hash function to use a slower but better auditable code that does
+ not read beyond array boundaries. This makes code better security
+ checkable, and is better for security. It is fixed to be slower,
+ but not read outside of the array.
 2 May 2019: Wouter
 - contrib/fastrpz.patch updated for code changes, and with git diff.
diff --git a/util/storage/lookup3.c b/util/storage/lookup3.c
index cc1107481..0d4b06b2d 100644
--- a/util/storage/lookup3.c
+++ b/util/storage/lookup3.c
@@ -1,4 +1,7 @@
 /*
+ May 2019(Wouter: patch to enable the valgrind clean implementation all the
+ time. This enabled better security audit and checks, which is better
+ than the speedup. Git issue #30. Renamed the define ARRAY_CLEAN_ACCESS.
 February 2013(Wouter) patch defines for BSD endianness, from Brad Smith.
 January 2012(Wouter) added randomised initial value, fallout from 28c3.
 March 2007(Wouter) adapted from lookup3.c original, add config.h include.
@@ -44,6 +47,7 @@ on 1 byte), but shoehorning those bytes into integers efficiently is messy.
 -------------------------------------------------------------------------------
 */
 /*#define SELF_TEST 1*/
+#define ARRAY_CLEAN_ACCESS 1
 #include "config.h"
 #include "util/storage/lookup3.h"
@@ -336,7 +340,7 @@ uint32_t hashlittle( const void *key, size_t length, uint32_t initval)
 u.ptr = key;
 if (HASH_LITTLE_ENDIAN && ((u.i & 0x3) == 0)) {
 const uint32_t *k = (const uint32_t *)key; /* read 32-bit chunks */
-#ifdef VALGRIND
+#ifdef ARRAY_CLEAN_ACCESS
 const uint8_t *k8;
 #endif
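Review bot: `#define ARRAY_CLEAN_ACCESS 1` in the `@@ -44,6 +47,7 @@` hunk sits directly under the commented-out `SELF_TEST` toggle with no comment of its own, so it reads like an optional debug switch rather than the setting that keeps hashlittle() from reading past the end of the key. A comment at the definition would help, for example `/* Keep defined: selects the tail handling that does not read beyond the key buffer (issue #30). */`. The rename is only visible for the two tests in hashlittle(); if any other `#ifdef VALGRIND` or `#ifndef VALGRIND` remains elsewhere in lookup3.c (not visible in these hunks), that routine would presumably still use the masked read, so the file should be checked for leftover uses of the old name.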
@@ -361,7 +365,7 @@ uint32_t hashlittle( const void *key, size_t length, uint32_t initval)
 * still catch it and complain. The masking trick does make the hash
 * noticeably faster for short strings (like English words).
 */
-#ifndef VALGRIND
+#ifndef ARRAY_CLEAN_ACCESS
 switch(length)
 {
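Review bot: The comment kept as context above `#ifndef ARRAY_CLEAN_ACCESS` still presents the masking trick as a live speed optimisation, while the branch it introduces can no longer be compiled because the macro is now always defined. Leaving the over-reading `switch` in the file means that removing a single `#define` brings the out-of-bounds read back. Consider deleting that branch, together with the now-unconditional `#ifdef ARRAY_CLEAN_ACCESS` around `k8` in the `@@ -336,7 +340,7 @@` hunk. At minimum, append a line to the comment such as `* Disabled: ARRAY_CLEAN_ACCESS is always defined, so the byte-wise tail handling is used instead (issue #30).` The `switch` body and the rest of the conditional lie outside this hunk, so the description of the two branches is inferred from the macro name and the commit message.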