From 6440616152c46002c71a3a6413adeeb0fe435db0 Mon Sep 17 00:00:00 2001
From: Jeremy Harris
Date: Sun, 26 Jan 2020 20:28:36 +0000
Subject: [PATCH 1/1] Taint: fix hybrid-mode transition

---
 src/src/store.c | 16 +++++++++++-----
 test/confs/0599 |  1 +
 test/runtest    |  3 +++
 3 files changed, 15 insertions(+), 5 deletions(-)

diff --git a/src/src/store.c b/src/src/store.c
index 1fe97e6c9..3192b9774 100644
--- a/src/src/store.c
+++ b/src/src/store.c
@@ -225,14 +225,20 @@ log_write(0, LOG_MAIN|LOG_PANIC_DIE, "Taint mismatch, %s: %s %d\n",
 }
 
 static void
-use_slow_taint_check(void)
+use_slow_taint_check(const uschar * why)
 {
 #ifndef COMPILE_UTILITY
-DEBUG(D_any) debug_printf("switching to slow-mode taint checking\n");
+DEBUG(D_any)
+  debug_printf("switching to slow-mode taint checking (after %s) " "taint bounds %p %p\n", why, tainted_base, tainted_top);
 #endif
 f.taint_check_slow = TRUE;
 }
 
+/* If the creation of a new tainted region results in any of the
+untainted regions appearing to be tainted, using the fast-mode test,
+we need to switch to safe-but-slow mode. */
+
 static void
 verify_all_untainted(void)
 {
@@ -242,7 +248,7 @@ for (int pool = 0; pool < POOL_TAINT_BASE; pool++)
   uschar * bc = US b + ALIGNED_SIZEOF_STOREBLOCK;
   if (is_tainted(bc))
     {
-    use_slow_taint_check();
+    use_slow_taint_check(US"mmap");
     return;
     }
   }
@@ -841,7 +847,7 @@ if (!(yield = mmap(NULL, (size_t)size,
 if (yield < tainted_base) tainted_base = yield;
 if ((top = US yield + size) > tainted_top) tainted_top = top;
 
-if (!f.taint_check_slow) use_slow_taint_check();
+if (!f.taint_check_slow) verify_all_untainted();
 return store_alloc_tail(yield, size, func, line, US"Mmap");
 }
 
@@ -879,7 +885,7 @@ the slower checking for tainting (checking an address against all the
 tainted pool block spans, rather than just the mmap span) */
 
 if (!f.taint_check_slow && is_tainted(yield))
-  use_slow_taint_check();
+  use_slow_taint_check(US"malloc");
 
 return store_alloc_tail(yield, size, func, linenumber, US"Malloc");
 }
 
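Review bot: The mmap hunk now decides whether fast mode can stay on by calling `verify_all_untainted()`, but that routine (second hunk) samples only the first usable byte of each untainted block, `bc = US b + ALIGNED_SIZEOF_STOREBLOCK`, so if fast-mode `is_tainted()` is a range test against `tainted_base`/`tainted_top` — which only ever grow, as the two assignments just before the call show — an untainted block that starts outside the span but ends inside it (conceivable once a tainted region has been unmapped and its addresses reused) would not be detected, and pointers into its tail would later be reported as tainted. The failure direction is the `LOG_PANIC_DIE` "Taint mismatch" visible in the first hunk header rather than a tainting bypass, so this is an availability concern; either also test the last byte of each block (its length is in the block header) or state in the comment above `verify_all_untainted` that sampling block starts is sufficient and why. The new `why` parameter of `use_slow_taint_check` is undocumented; a comment such as `/* why: allocation path that forced the switch, reported only in the debug line */` would make that clear. The enclosing allocator functions of the last two hunks begin outside their hunks.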
diff --git a/test/confs/0599 b/test/confs/0599
index 54667124d..efdbd3c60 100644
--- a/test/confs/0599
+++ b/test/confs/0599
@@ -50,5 +50,6 @@ smtp:
   hosts = HOSTIPV4
   port = PORT_D
   allow_localhost
+  hosts_try_fastopen = :
 
 # End
diff --git a/test/runtest b/test/runtest
index 595566e40..d9db2ccc8 100755
--- a/test/runtest
+++ b/test/runtest
@@ -1325,6 +1325,9 @@ RESET_AFTER_EXTRA_LINE_READ:
   s/^errno = \d+$/errno = EEE/;
   s/^writing error \d+: /writing error EEE: /;
 
+  # Some platforms have to flip to slow-mode taint-checking
+  next if /switching to slow-mode taint checking/;
+
   # When Exim is checking the size of directories for maildir, it uses
   # the check_dir_size() function to scan directories. Of course, the order
   # of the files that are obtained using readdir() varies from system to
-- 
2.30.2
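Review bot: The runtest filter `next if /switching to slow-mode taint checking/;` discards the line for every test, so no test can any longer observe that a platform fell back to slow mode, which is exactly the behaviour the store.c change is tuning; since the new message also carries `%p` addresses that could never match a stored expectation, dropping it is probably unavoidable, but the comment should say so, e.g. `# Some platforms have to flip to slow-mode taint-checking; the line also carries addresses, so drop it`. The 0599 change `hosts_try_fastopen = :` is not explained by the commit message; a one-line comment in the config stating why TCP Fast Open is disabled for this transport would help a later reader. The enclosing runtest loop begins outside the hunk.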