Prevent arithmetic on NULL pointer if the scratch space is too small #839
Conversation
|
Thanks for the PR! Before I have to time a real reply, let me note for anyone reading here that this is not something to worry about because scratch spaces are used nowhere in the public API currently. This is dead code used for future extensions. |
.travis.yml
Outdated
| @@ -31,6 +31,7 @@ env: | |||
| - BUILD=distcheck WITH_VALGRIND=no CTIMETEST=no BENCH=no | |||
| - CPPFLAGS=-DDETERMINISTIC | |||
| - CFLAGS=-O0 CTIMETEST=no | |||
| - CFLAGS="-fsanitize=undefined -fno-omit-frame-pointer" LDFLAGS="-fsanitize=undefined -fno-omit-frame-pointer" UBSAN_OPTIONS="print_stacktrace=1:halt_on_error=1" CTIMETEST=no | |||
There was a problem hiding this comment.
I think this should go to a different PR (if we want this at all). Not sure how long this takes on Travis, and it may not run on the GCC version on Travis etc.
There was a problem hiding this comment.
Here is the result on Travis: https://travis-ci.org/github/Fabcien/secp256k1-1/builds/738981454
UBSAN has a low overhead so the duration is only slightly impacted.
Fabcien
force-pushed
the
fix_ubsan_ecmult
branch
2 times, most recently
from
2fca70c
to
61dffd1
Compare
|
@real-or-random Now calling |
|
I'm ok with adding it here (can't speak for the others) but I think then it should look more like this line then (enable all the stuff) And should we add |
|
The best resource I could find is the documentation from LLVM. The GCC documentation explains the |
Fabcien
force-pushed
the
fix_ubsan_ecmult
branch
from
61dffd1
to
5fd2742
Compare
|
Concept ACK. I think CI tests with |
If the scratch space is too small when calling `secp256k1_ecmult_strauss_batch()`, the `state.pre_a` allocation will fail and the pointer will be `NULL`. This causes `state.pre_a_lam` to be computed from the `NULL` pointer. It is also possible that the first allocation to fail is for `state.ps`, which will cause the failure to occur when in `secp256k1_ecmult_strauss_wnaf()`. The issue has been detected by UBSAN using Clang 10: ``` CC=clang \ CFLAGS="-fsanitize=undefined -fno-omit-frame-pointer" \ LDFLAGS="-fsanitize=undefined -fno-omit-frame-pointer" \ ../configure UBSAN_OPTIONS=print_stacktrace=1:halt_on_error=1 make check ```
Run UBSAN with both GCC and Clang, on Linux and macOS. The `halt_on_error=1` option is required to make the build fail if the sanitizer finds an issue.
Fabcien
force-pushed
the
fix_ubsan_ecmult
branch
from
5fd2742
to
29a299e
Compare
|
@sipa Sure, done. |
|
ACK 29a299e. Reviewed the code changes and verified that building with these sanitizer flags catches the existing error, as well as a signed integer overflow if introduced. |
|
There is an issue with Travis' s390x build, which I've cancelled. CI succeeded for all other builds. |
|
ACK 29a299e code inspection |
…s too small Summary: ``` If the scratch space is too small when calling `secp256k1_ecmult_strauss_batch()`, the `state.pre_a` allocation will fail and the pointer will be `NULL`. This causes `state.pre_a_lam` to be computed from the `NULL` pointer. It is also possible that the first allocation to fail is for `state.ps`, which will cause the failure to occur when in `secp256k1_ecmult_strauss_wnaf()`. The issue has been detected by UBSAN using Clang 10: CC=clang \ CFLAGS="-fsanitize=undefined -fno-omit-frame-pointer" \ LDFLAGS="-fsanitize=undefined -fno-omit-frame-pointer" \ ../configure UBSAN_OPTIONS=print_stacktrace=1:halt_on_error=1 make check ``` Backport of secp256k1 [[bitcoin-core/secp256k1#839 | PR839]]. Test Plan: With Clang and UBSAN: ninja check-secp256k1 Reviewers: #bitcoin_abc, deadalnix Reviewed By: #bitcoin_abc, deadalnix Differential Revision: https://reviews.bitcoinabc.org/D8265
…s too small Summary: ``` If the scratch space is too small when calling `secp256k1_ecmult_strauss_batch()`, the `state.pre_a` allocation will fail and the pointer will be `NULL`. This causes `state.pre_a_lam` to be computed from the `NULL` pointer. It is also possible that the first allocation to fail is for `state.ps`, which will cause the failure to occur when in `secp256k1_ecmult_strauss_wnaf()`. The issue has been detected by UBSAN using Clang 10: CC=clang \ CFLAGS="-fsanitize=undefined -fno-omit-frame-pointer" \ LDFLAGS="-fsanitize=undefined -fno-omit-frame-pointer" \ ../configure UBSAN_OPTIONS=print_stacktrace=1:halt_on_error=1 make check ``` Backport of secp256k1 [[bitcoin-core/secp256k1#839 | PR839]]. Test Plan: With Clang and UBSAN: ninja check-secp256k1 Reviewers: #bitcoin_abc, deadalnix Reviewed By: #bitcoin_abc, deadalnix Differential Revision: https://reviews.bitcoinabc.org/D8265
If the scratch space is too small when calling
secp256k1_ecmult_strauss_batch(), thestate.pre_aallocation willfail and the pointer will be
NULL. This causesstate.pre_a_lamto becomputed from the
NULLpointer.It is also possible that the first allocation to fail is for
state.ps,which will cause the failure to occur when in
secp256k1_ecmult_strauss_wnaf().The issue has been detected by UBSAN using Clang 10: