Project

General

Profile

Actions

Bug #14353

closed

crypto_mech2id should take unlimited string argument

Added by Toomas Soome 8 months ago. Updated 7 months ago.

Status:
Closed
Priority:
Normal
Assignee:
Category:
driver - device drivers
Start date:
Due date:
% Done:

100%

Estimated time:
Difficulty:
Medium
Tags:
Gerrit CR:

Description

Build errors with gcc 11:

    ../../common/io/cryptmod.c: In function 'cryptmodopen':
    ../../common/io/cryptmod.c:295:26: error: 'crypto_mech2id' accessing 32 bytes in a region of size 15 [-Werror=stringop-overflow=]
      295 |         sha1_hmac_mech = crypto_mech2id(SUN_CKM_SHA1_HMAC);
          |                          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    ../../common/io/cryptmod.c:295:26: note: referencing argument 1 of type 'char *'
    In file included from ../../common/sys/cryptmod.h:40,
                     from ../../common/io/cryptmod.c:60:
    ../../common/sys/crypto/api.h:59:27: note: in a call to function 'crypto_mech2id'
       59 | extern crypto_mech_type_t crypto_mech2id(crypto_mech_name_t name);
          |                           ^~~~~~~~~~~~~~
    ../../common/io/cryptmod.c:296:25: error: 'crypto_mech2id' accessing 32 bytes in a region of size 13 [-Werror=stringop-overflow=]
      296 |         md5_hmac_mech = crypto_mech2id(SUN_CKM_MD5_HMAC);
          |                         ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    ../../common/io/cryptmod.c:296:25: note: referencing argument 1 of type 'char *'
    In file included from ../../common/sys/cryptmod.h:40,
                     from ../../common/io/cryptmod.c:60:
    ../../common/sys/crypto/api.h:59:27: note: in a call to function 'crypto_mech2id'
       59 | extern crypto_mech_type_t crypto_mech2id(crypto_mech_name_t name);
          |                           ^~~~~~~~~~~~~~
    ../../common/io/cryptmod.c:297:26: error: 'crypto_mech2id' accessing 32 bytes in a region of size 10 [-Werror=stringop-overflow=]
      297 |         sha1_hash_mech = crypto_mech2id(SUN_CKM_SHA1);
          |                          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~
    ../../common/io/cryptmod.c:297:26: note: referencing argument 1 of type 'char *'
    In file included from ../../common/sys/cryptmod.h:40,
                     from ../../common/io/cryptmod.c:60:
    ../../common/sys/crypto/api.h:59:27: note: in a call to function 'crypto_mech2id'
       59 | extern crypto_mech_type_t crypto_mech2id(crypto_mech_name_t name);
          |                           ^~~~~~~~~~~~~~
    ../../common/io/cryptmod.c:298:25: error: 'crypto_mech2id' accessing 32 bytes in a region of size 8 [-Werror=stringop-overflow=]
      298 |         md5_hash_mech = crypto_mech2id(SUN_CKM_MD5);
          |                         ^~~~~~~~~~~~~~~~~~~~~~~~~~~
    ../../common/io/cryptmod.c:298:25: note: referencing argument 1 of type 'char *'
    In file included from ../../common/sys/cryptmod.h:40,
                     from ../../common/io/cryptmod.c:60:
    ../../common/sys/crypto/api.h:59:27: note: in a call to function 'crypto_mech2id'
       59 | extern crypto_mech_type_t crypto_mech2id(crypto_mech_name_t name);
          |                           ^~~~~~~~~~~~~~
    ../../common/io/cryptmod.c: In function 'setup_crypto':
    ../../common/io/cryptmod.c:2702:41: error: 'crypto_mech2id' accessing 32 bytes in a region of size 12 [-Werror=stringop-overflow=]
     2702 |                         cd->mech_type = crypto_mech2id(SUN_CKM_DES_CBC);
          |                                         ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    ../../common/io/cryptmod.c:2702:41: note: referencing argument 1 of type 'char *'
    In file included from ../../common/sys/cryptmod.h:40,
                     from ../../common/io/cryptmod.c:60:
    ../../common/sys/crypto/api.h:59:27: note: in a call to function 'crypto_mech2id'
       59 | extern crypto_mech_type_t crypto_mech2id(crypto_mech_name_t name);
          |                           ^~~~~~~~~~~~~~
    ../../common/io/cryptmod.c:2696:41: error: 'crypto_mech2id' accessing 32 bytes in a region of size 12 [-Werror=stringop-overflow=]
     2696 |                         cd->mech_type = crypto_mech2id(SUN_CKM_DES_ECB);
          |                                         ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    ../../common/io/cryptmod.c:2696:41: note: referencing argument 1 of type 'char *'
    In file included from ../../common/sys/cryptmod.h:40,
                     from ../../common/io/cryptmod.c:60:
    ../../common/sys/crypto/api.h:59:27: note: in a call to function 'crypto_mech2id'
       59 | extern crypto_mech_type_t crypto_mech2id(crypto_mech_name_t name);
          |                           ^~~~~~~~~~~~~~
    ../../common/io/cryptmod.c:2706:41: error: 'crypto_mech2id' accessing 32 bytes in a region of size 13 [-Werror=stringop-overflow=]
     2706 |                         cd->mech_type = crypto_mech2id(SUN_CKM_DES3_CBC);
          |                                         ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    ../../common/io/cryptmod.c:2706:41: note: referencing argument 1 of type 'char *'
    In file included from ../../common/sys/cryptmod.h:40,
                     from ../../common/io/cryptmod.c:60:
    ../../common/sys/crypto/api.h:59:27: note: in a call to function 'crypto_mech2id'
       59 | extern crypto_mech_type_t crypto_mech2id(crypto_mech_name_t name);
          |                           ^~~~~~~~~~~~~~
    ../../common/io/cryptmod.c:2714:41: error: 'crypto_mech2id' accessing 32 bytes in a region of size 8 [-Werror=stringop-overflow=]
     2714 |                         cd->mech_type = crypto_mech2id(SUN_CKM_RC4);
          |                                         ^~~~~~~~~~~~~~~~~~~~~~~~~~~
    ../../common/io/cryptmod.c:2714:41: note: referencing argument 1 of type 'char *'
    In file included from ../../common/sys/cryptmod.h:40,
                     from ../../common/io/cryptmod.c:60:
    ../../common/sys/crypto/api.h:59:27: note: in a call to function 'crypto_mech2id'
       59 | extern crypto_mech_type_t crypto_mech2id(crypto_mech_name_t name);
          |                           ^~~~~~~~~~~~~~
    ../../common/io/cryptmod.c:2719:41: error: 'crypto_mech2id' accessing 32 bytes in a region of size 12 [-Werror=stringop-overflow=]
     2719 |                         cd->mech_type = crypto_mech2id(SUN_CKM_AES_ECB);
          |                                         ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    ../../common/io/cryptmod.c:2719:41: note: referencing argument 1 of type 'char *'
    In file included from ../../common/sys/cryptmod.h:40,
                     from ../../common/io/cryptmod.c:60:
    ../../common/sys/crypto/api.h:59:27: note: in a call to function 'crypto_mech2id'
       59 | extern crypto_mech_type_t crypto_mech2id(crypto_mech_name_t name);
          |                           ^~~~~~~~~~~~~~
    cc1: all warnings being treated as errors

There is a lot of noise, but the core of the problem is simple -- the crypto_mech2id() is declared to take argument char [32] but we do pass char arrays with different sizes. To fix, we should either change the function declaration, or use fixed size string.

Suggested by Jason, picking the path to change the argument to const char * - this would have the least impact because there are about 10 or so drivers affected by this issue.


Related issues

Related to illumos gate - Bug #14376: smbsrv: 'find_mech' accessing 32 bytes in a region of size ...ClosedToomas Soome

Actions
Related to illumos gate - Bug #14377: nsmb: 'find_mech' accessing 32 bytes in a region of size ...ClosedToomas Soome

Actions
Actions #1

Updated by Electric Monk 8 months ago

  • Gerrit CR set to 1908
Actions #2

Updated by Toomas Soome 8 months ago

  • Subject changed from cryptmod: accessing 32 bytes in a region of size ... to crypto_mech2id should take unlimited string argument
  • Description updated (diff)
Actions #3

Updated by Electric Monk 7 months ago

  • Status changed from In Progress to Closed
  • % Done changed from 90 to 100

git commit 74bc43b0515c1d5245354261e501b8923daba127

commit  74bc43b0515c1d5245354261e501b8923daba127
Author: Toomas Soome <tsoome@me.com>
Date:   2022-01-06T16:21:45.000Z

    14353 crypto_mech2id should take unlimited string argument
    Reviewed by: Jason King <jason.brian.king@gmail.com>
    Approved by: Dan McDonald <danmcd@joyent.com>

Actions #4

Updated by Toomas Soome 7 months ago

  • Related to Bug #14376: smbsrv: 'find_mech' accessing 32 bytes in a region of size ... added
Actions #5

Updated by Toomas Soome 7 months ago

  • Related to Bug #14377: nsmb: 'find_mech' accessing 32 bytes in a region of size ... added
Actions

Also available in: Atom PDF