[PATCH libXdmcp] Use getrandom() syscall if available

Benjamin Tissoires benjamin.tissoires at gmail.com
Mon Apr 3 12:52:57 UTC 2017


This allows to fix CVE-2017-2625 on Linux platforms without pulling in
libbsd.
The syscall getrandom is available since kernel v3.17. The code first
tries to use the syscall on a supported kernel. If the syscall fails,
it falls back to the current (vulnerable) code.
We do not implement the glibc getrandom() call given that it's only
available in glibc 2.25, and the #if dance is already messy here.

Signed-off-by: Benjamin Tissoires <benjamin.tissoires at gmail.com>
---
 Key.c        | 12 ++++++++++++
 configure.ac |  3 +++
 2 files changed, 15 insertions(+)

diff --git a/Key.c b/Key.c
index a09b316..61b07db 100644
--- a/Key.c
+++ b/Key.c
@@ -36,6 +36,10 @@ in this Software without prior written authorization from The Open Group.
 #include <bsd/stdlib.h> /* for arc4random_buf() */
 #endif
 
+#if HAVE_DECL_SYS_GETRANDOM
+#include <sys/syscall.h> /* for SYS_getrandom */
+#endif
+
 #ifndef HAVE_ARC4RANDOM_BUF
 static void
 getbits (long data, unsigned char *dst)
@@ -68,6 +72,14 @@ XdmcpGenerateKey (XdmAuthKeyPtr key)
 #ifndef HAVE_ARC4RANDOM_BUF
     long    lowbits, highbits;
 
+#if HAVE_DECL_SYS_GETRANDOM
+    int ret;
+
+    ret = syscall(SYS_getrandom, key->data, 8, 0);
+    if (ret == 8)
+	return;
+#endif
+
     srandom ((int)getpid() ^ time((Time_t *)0));
     lowbits = random ();
     highbits = random ();
diff --git a/configure.ac b/configure.ac
index 2288502..d0d4d05 100644
--- a/configure.ac
+++ b/configure.ac
@@ -63,6 +63,9 @@ case $host_os in
         ;;
 esac
 
+# Checks for syscalls
+AC_CHECK_DECLS([SYS_getrandom], [], [], [[#include <sys/syscall.h>]])
+
 # Checks for library functions.
 AC_CHECK_LIB([bsd], [arc4random_buf])
 AC_CHECK_FUNCS([srand48 lrand48 arc4random_buf])
-- 
2.9.3



More information about the xorg-devel mailing list