
TROVE-2017-001 : move -ftrapv back into --expensive-hardening.

Nick Mathewson 7 years ago
parent
commit
767516680c
2 changed files with 18 additions and 5 deletions
  1. 8 0
      changes/trove-2017-001
  2. 10 5
      configure.ac

+ 8 - 0
changes/trove-2017-001

@@ -0,0 +1,8 @@
+  o Major bugfixes (security):
+    - Downgrade the "-ftrapv" option from "always on" to "only on when
+      --enable-expensive-hardening is provided."  This hardening option, like
+      others, can turn survivable bugs into crashes--and having it on by
+      default made a (relatively harmless) integer overflow bug into a
+      denial-of-service bug. Fixes bug 21278 (TROVE-2017-001); bugfix on
+      0.2.9.1-alpha.
+

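--- a/configure.ac
+++ b/configure.ac
@@ -761,14 +761,15 @@ m4_ifdef([AS_VAR_IF],[
       TOR_CHECK_CFLAGS(-fPIE)
       TOR_CHECK_LDFLAGS(-pie, "$all_ldflags_for_check", "$all_libs_for_check")
     fi
-    TOR_TRY_COMPILE_WITH_CFLAGS(-ftrapv, also_link, CFLAGS_FTRAPV="-ftrapv", true)
     TOR_TRY_COMPILE_WITH_CFLAGS(-fwrapv, also_link, CFLAGS_FWRAPV="-fwrapv", true)
-    if test "$tor_cv_cflags__ftrapv" = "yes" && test "$tor_can_link__ftrapv" != "yes"; then
-      AC_MSG_WARN([The compiler supports -ftrapv, but for some reason I was not able to link with -ftrapv. Are you missing run-time support? Run-time hardening will not work as well as it should.])
-    fi
 fi
 
 if test "x$enable_expensive_hardening" = "xyes"; then
+    TOR_TRY_COMPILE_WITH_CFLAGS(-ftrapv, also_link, CFLAGS_FTRAPV="-ftrapv", true)
+   if test "$tor_cv_cflags__ftrapv" = "yes" && test "$tor_can_link__ftrapv" != "yes"; then
+      AC_MSG_WARN([The compiler supports -ftrapv, but for some reason I was not able to link with -ftrapv. Are you missing run-time support? Run-time hardening will not work as well as it should.])
+   fi
+
   if test "$tor_cv_cflags__ftrapv" != "yes"; then
     AC_MSG_ERROR([You requested expensive hardening, but the compiler does not seem to support -ftrapv.])
   fi
@@ -1819,7 +1820,7 @@ if test "x$enable_gcc_warnings_advisory" != "xno"; then
      -Wstatic-float-init
      -Wstatic-in-inline
      -Wstatic-local-in-inline
-     -Wstrict-overflow=2
+     -Wstrict-overflow=1
      -Wstring-compare
      -Wstring-conversion
      -Wstrlcpy-strlcat-size
@@ -1864,6 +1865,10 @@ if test "x$enable_gcc_warnings_advisory" != "xno"; then
      -Wzero-length-array
   ], [ TOR_CHECK_CFLAGS([warning_flag]) ])
 
+dnl    We should re-enable this in some later version.  Clang doesn't
+dnl    mind, but it causes trouble with GCC.
+dnl     -Wstrict-overflow=2
+
 dnl    These seem to require annotations that we don't currently use,
 dnl    and they give false positives in our pthreads wrappers. (Clang 4)
 dnl     -Wthread-safety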
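Review bot: In the first hunk, a compiler that accepts -ftrapv but cannot link with it still only triggers AC_MSG_WARN, while the AC_MSG_ERROR a few lines below covers only the compile-probe failure; now that this block runs solely when the user passed --enable-expensive-hardening, silently continuing without an explicitly requested hardening flag is harder to justify than it was when -ftrapv was on by default. Consider `AC_MSG_ERROR([You requested expensive hardening, but I could not link with -ftrapv. Are you missing run-time support?])` in place of the warning, or at least a `dnl` line above it stating that the build proceeds without trapping, assuming TOR_TRY_COMPILE_WITH_CFLAGS leaves CFLAGS_FTRAPV unset on link failure (its definition is outside this hunk). The added TOR_TRY_COMPILE_WITH_CFLAGS line is indented four spaces while the `if`/`fi` lines in the same block use three. Separately, GCC documents that -ftrapv and -fwrapv override each other with the last one on the command line taking effect, and -fwrapv is still probed unconditionally above; where CFLAGS_FTRAPV and CFLAGS_FWRAPV are combined is not visible here, so it is worth confirming the trap flag ends up after the wrap flag when expensive hardening is enabled.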