[PATCH 1/3] Use timingsafe_memcmp() to compare MIT-MAGIC-COOKIES CVE-2017-2624
Matthieu Herrb
matthieu at herrb.eu
Tue Feb 28 22:52:31 UTC 2017
On Tue, Feb 28, 2017 at 10:41:29PM +0000, Emil Velikov wrote:
> Hi Matthieu,
>
> On 28 February 2017 at 18:18, Matthieu Herrb <matthieu at herrb.eu> wrote:
> > Provide the function definition for systems that don't have it.
> >
> > Signed-off-by: Matthieu Herrb <matthieu at herrb.eu>
> > Reviewed-by: Alan Coopersmith <alan.coopersmith at oracle.com>
> > ---
> > configure.ac | 3 ++-
> > include/dix-config.h.in | 3 +++
> > include/os.h | 5 +++++
> > os/mitauth.c | 2 +-
> > os/timingsafe_memcmp.c | 45 +++++++++++++++++++++++++++++++++++++++++++++
> > 5 files changed, 56 insertions(+), 2 deletions(-)
>
> > --- /dev/null
> > +++ b/os/timingsafe_memcmp.c
> Shouldn't we add this new file to Makefile.am somewhere ?
Hi,
No; AC_REPLACE_FUNCS() takes completely care of it.
In os/Makefile.am you have :
libos_la_LIBADD = @SHA1_LIBS@ $(DLOPEN_LIBS) $(LTLIBOBJS)
and LTLIBOBJS is expanded to the list of filenames corresponding to
functions that need to be provided in the AC_REPLACE_FUNC() macro.
--
Matthieu Herrb
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 793 bytes
Desc: not available
URL: <https://lists.x.org/archives/xorg-devel/attachments/20170228/bd226495/attachment-0001.sig>
More information about the xorg-devel
mailing list