[PATCH 1/3] Use timingsafe_memcmp() to compare MIT-MAGIC-COOKIES CVE-2017-2624
Emil Velikov
emil.l.velikov at gmail.com
Wed Mar 1 16:46:14 UTC 2017
On 28 February 2017 at 22:52, Matthieu Herrb <matthieu at herrb.eu> wrote:
>
> On Tue, Feb 28, 2017 at 10:41:29PM +0000, Emil Velikov wrote:
>> Hi Matthieu,
>>
>> On 28 February 2017 at 18:18, Matthieu Herrb <matthieu at herrb.eu> wrote:
>> > Provide the function definition for systems that don't have it.
>> >
>> > Signed-off-by: Matthieu Herrb <matthieu at herrb.eu>
>> > Reviewed-by: Alan Coopersmith <alan.coopersmith at oracle.com>
>> > ---
>> > configure.ac | 3 ++-
>> > include/dix-config.h.in | 3 +++
>> > include/os.h | 5 +++++
>> > os/mitauth.c | 2 +-
>> > os/timingsafe_memcmp.c | 45 +++++++++++++++++++++++++++++++++++++++++++++
>> > 5 files changed, 56 insertions(+), 2 deletions(-)
>>
>> > --- /dev/null
>> > +++ b/os/timingsafe_memcmp.c
>> Shouldn't we add this new file to Makefile.am somewhere ?
>
> Hi,
>
> No; AC_REPLACE_FUNCS() takes completely care of it.
>
> In os/Makefile.am you have :
>
> libos_la_LIBADD = @SHA1_LIBS@ $(DLOPEN_LIBS) $(LTLIBOBJS)
>
> and LTLIBOBJS is expanded to the list of filenames corresponding to
> functions that need to be provided in the AC_REPLACE_FUNC() macro.
Indeed it does - thanks for the correction.
Emil
More information about the xorg-devel
mailing list