
Nuke uses of memcmp outside of unit tests

We want to be saying fast_mem{cmp,eq,neq} when we're doing a
comparison that's allowed to exit early, or tor_mem{cmp,eq,neq} when
we need a data-invariant timing.  Direct use of memcmp tends to imply
that we haven't thought about the issue.
Nick Mathewson 11 years ago
parent
commit
b1ff8daeb5
5 changed files with 9 additions and 7 deletions
  1. 2 1
      src/common/aes.c
  2. 1 1
      src/or/dirserv.c
  3. 4 3
      src/or/geoip.c
  4. 1 1
      src/or/microdesc.c
  5. 1 1
      src/or/routerlist.c

+ 2 - 1
src/common/aes.c

@@ -41,6 +41,7 @@
 #include "aes.h"
 #include "util.h"
 #include "torlog.h"
+#include "di_ops.h"
 
 #ifdef ANDROID
 /* Android's OpenSSL seems to have removed all of its Engine support. */
@@ -257,7 +258,7 @@ evaluate_ctr_for_aes(void)
   for (i=0; i<16; ++i)
     AES_ctr128_encrypt(&zero[i], &output[i], 1, &key, ivec, ivec_tmp, &pos);
 
-  if (memcmp(output, encrypt_zero, 16)) {
+  if (fast_memneq(output, encrypt_zero, 16)) {
     /* Counter mode is buggy */
     log_notice(LD_CRYPTO, "This OpenSSL has a buggy version of counter mode; "
                "not using it.");
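Review bot: Nothing at the `fast_memneq(output, encrypt_zero, 16)` call records why an early-exit comparison is acceptable here, which is the decision the commit message says every call site should reflect. From the visible lines both buffers appear to be self-test values (the encryption of `zero` checked against the constant `encrypt_zero`), so no secret-dependent timing should be exposed. A one-line comment such as `/* Self-test vectors only, nothing secret: early exit is fine. */` would make that explicit. The same applies to the `fast_memcmp` calls added in src/or/geoip.c, where the compared bytes look like GeoIP range bounds and a lookup address. evaluate_ctr_for_aes starts and ends outside this hunk.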

+ 1 - 1
src/or/dirserv.c

@@ -2269,7 +2269,7 @@ compare_routerinfo_by_ip_and_bw_(const void **a, const void **b)
   else if (first->addr > second->addr)
     return 1;
 
-  /* Potentially, this next bit could cause k n lg n memcmp calls.  But in
+  /* Potentially, this next bit could cause k n lg n memeq calls.  But in
    * reality, we will almost never get here, since addresses will usually be
    * different. */
 

+ 4 - 3
src/or/geoip.c

@@ -224,7 +224,8 @@ static int
 geoip_ipv6_compare_entries_(const void **_a, const void **_b)
 {
   const geoip_ipv6_entry_t *a = *_a, *b = *_b;
-  return memcmp(a->ip_low.s6_addr, b->ip_low.s6_addr, sizeof(struct in6_addr));
+  return fast_memcmp(a->ip_low.s6_addr, b->ip_low.s6_addr,
+                     sizeof(struct in6_addr));
 }
 
 /** bsearch helper: return -1, 1, or 0 based on comparison of an IPv6
@@ -235,10 +236,10 @@ geoip_ipv6_compare_key_to_entry_(const void *_key, const void **_member)
   const struct in6_addr *addr = (struct in6_addr *)_key;
   const geoip_ipv6_entry_t *entry = *_member;
 
-  if (memcmp(addr->s6_addr, entry->ip_low.s6_addr,
+  if (fast_memcmp(addr->s6_addr, entry->ip_low.s6_addr,
              sizeof(struct in6_addr)) < 0)
     return -1;
-  else if (memcmp(addr->s6_addr, entry->ip_high.s6_addr,
+  else if (fast_memcmp(addr->s6_addr, entry->ip_high.s6_addr,
                   sizeof(struct in6_addr)) > 0)
     return 1;
   else
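Review bot: The continuation lines of both `fast_memcmp(` calls in geoip_ipv6_compare_key_to_entry_ are still indented for the shorter `memcmp(` name, so `sizeof(struct in6_addr)) < 0)` and `sizeof(struct in6_addr)) > 0)` no longer line up under the first argument. Re-indent them to the new opening parenthesis, as the first geoip.c hunk already does for `return fast_memcmp(`. The function body continues past the end of this hunk.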

+ 1 - 1
src/or/microdesc.c

@@ -479,7 +479,7 @@ microdesc_cache_rebuild(microdesc_cache_t *cache, int force)
     if (PREDICT_UNLIKELY(
              md->bodylen < 9 || fast_memneq(md->body, "onion-key", 9) != 0)) {
       /* XXXX once bug 2022 is solved, we can kill this block and turn it
-       * into just the tor_assert(!memcmp) */
+       * into just the tor_assert(fast_memeq) */
       off_t avail = cache->cache_content->size - md->off;
       char *bad_str;
       tor_assert(avail >= 0);

+ 1 - 1
src/or/routerlist.c

@@ -4436,7 +4436,7 @@ update_consensus_router_descriptor_downloads(time_t now, int is_vote,
                    sd->signed_descriptor_digest, DIGEST_LEN)) {
           /* We have a descriptor with this digest, but either there is no
            * entry in routerlist with the same ID (!ri), or there is one,
-           * but the identity digest differs (memcmp).
+           * but the identity digest differs (memneq).
            */
           smartlist_add(no_longer_old, sd);
           ++n_in_oldrouters; /* We have it in old_routers. */
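Review bot: The updated comment says `(memneq)`, but the commit message distinguishes `fast_memneq` from `tor_memneq`, and the bare name matches neither. Naming the function actually called on the identity digest would keep the timing choice visible to readers, e.g. `but the identity digest differs (tor_memneq).` if that is the variant in use. The call itself sits outside this hunk, so which one applies cannot be confirmed from here. The reworded comment in src/or/dirserv.c (`k n lg n memeq calls`) has the same ambiguity.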