[CFI] Fix cfi-icall failures
Control Flow Integrity [1] indirect call checking verifies that function pointers only call valid functions with a matching type signature. webrtc casts the function pointers for external_hmac causing a cfi-icall failure when they are later called in libsrtp. Refactor the functions to match the correct type signatures to avoid this failure. [1] https://www.chromium.org/developers/testing/control-flow-integrity Bug: chromium:776905 Change-Id: I419028be02e6c151c497e3ec64f10f35e07cdb0f Reviewed-on: https://webrtc-review.googlesource.com/26721 Commit-Queue: Karl Wiberg <kwiberg@webrtc.org> Reviewed-by: Karl Wiberg <kwiberg@webrtc.org> Cr-Commit-Position: refs/heads/master@{#21220}
This commit is contained in:
Vlad Tsyrklevich
Commit Bot
parent
2e27d1cf5e
commit
e8e8ad8d19
@ -51,10 +51,10 @@ static const char kExternalHmacDescription[] =
|
||||
static const srtp_auth_type_t external_hmac = {
|
||||
external_hmac_alloc,
|
||||
external_hmac_dealloc,
|
||||
(srtp_auth_init_func) external_hmac_init,
|
||||
(srtp_auth_compute_func) external_hmac_compute,
|
||||
(srtp_auth_update_func) external_hmac_update,
|
||||
(srtp_auth_start_func) external_hmac_start,
|
||||
external_hmac_init,
|
||||
external_hmac_compute,
|
||||
external_hmac_update,
|
||||
external_hmac_start,
|
||||
const_cast<char*>(kExternalHmacDescription),
|
||||
const_cast<srtp_auth_test_case_t*>(&kExternalHmacTestCase0),
|
||||
EXTERNAL_HMAC_SHA1
|
||||
@ -104,31 +104,32 @@ srtp_err_status_t external_hmac_dealloc(srtp_auth_t* a) {
|
||||
return srtp_err_status_ok;
|
||||
}
|
||||
|
||||
srtp_err_status_t external_hmac_init(ExternalHmacContext* state,
|
||||
srtp_err_status_t external_hmac_init(void* state,
|
||||
const uint8_t* key,
|
||||
int key_len) {
|
||||
if (key_len > HMAC_KEY_LENGTH)
|
||||
return srtp_err_status_bad_param;
|
||||
|
||||
memset(state->key, 0, key_len);
|
||||
memcpy(state->key, key, key_len);
|
||||
state->key_length = key_len;
|
||||
ExternalHmacContext* context = static_cast<ExternalHmacContext*>(state);
|
||||
memset(context->key, 0, key_len);
|
||||
memcpy(context->key, key, key_len);
|
||||
context->key_length = key_len;
|
||||
return srtp_err_status_ok;
|
||||
}
|
||||
|
||||
srtp_err_status_t external_hmac_start(ExternalHmacContext* state) {
|
||||
srtp_err_status_t external_hmac_start(void* /*state*/) {
|
||||
return srtp_err_status_ok;
|
||||
}
|
||||
|
||||
srtp_err_status_t external_hmac_update(ExternalHmacContext* state,
|
||||
const uint8_t* message,
|
||||
int msg_octets) {
|
||||
srtp_err_status_t external_hmac_update(void* /*state*/,
|
||||
const uint8_t* /*message*/,
|
||||
int /*msg_octets*/) {
|
||||
return srtp_err_status_ok;
|
||||
}
|
||||
|
||||
srtp_err_status_t external_hmac_compute(ExternalHmacContext* state,
|
||||
const void* message,
|
||||
int msg_octets,
|
||||
srtp_err_status_t external_hmac_compute(void* /*state*/,
|
||||
const uint8_t* /*message*/,
|
||||
int /*msg_octets*/,
|
||||
int tag_len,
|
||||
uint8_t* result) {
|
||||
memcpy(result, kExternalHmacFakeTag, tag_len);
|
||||
|
||||
@ -49,18 +49,18 @@ srtp_err_status_t external_hmac_alloc(srtp_auth_t** a,
|
||||
|
||||
srtp_err_status_t external_hmac_dealloc(srtp_auth_t* a);
|
||||
|
||||
srtp_err_status_t external_hmac_init(ExternalHmacContext* state,
|
||||
srtp_err_status_t external_hmac_init(void* state,
|
||||
const uint8_t* key,
|
||||
int key_len);
|
||||
|
||||
srtp_err_status_t external_hmac_start(ExternalHmacContext* state);
|
||||
srtp_err_status_t external_hmac_start(void* state);
|
||||
|
||||
srtp_err_status_t external_hmac_update(ExternalHmacContext* state,
|
||||
srtp_err_status_t external_hmac_update(void* state,
|
||||
const uint8_t* message,
|
||||
int msg_octets);
|
||||
|
||||
srtp_err_status_t external_hmac_compute(ExternalHmacContext* state,
|
||||
const void* message,
|
||||
srtp_err_status_t external_hmac_compute(void* state,
|
||||
const uint8_t* message,
|
||||
int msg_octets,
|
||||
int tag_len,
|
||||
uint8_t* result);
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user