From c7a5823885cac3d6e085f5e8b8b2e13a37095a70 Mon Sep 17 00:00:00 2001
From: Ludvig Michaelsson
Date: Mon, 7 Oct 2024 11:11:03 +0200
Subject: [PATCH] random: workaround MSAN false positive

In Ubuntu 24.04, glibc has arc4random_buf included, which triggers this path for the fuzzer. Unfortunately, MSAN appears to not realise that the iv buffer for aes256_cbc_fips() is in fact initialized by this function call. We work around it by manually marking the memory contents as initialized.
---
 src/random.c | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/src/random.c b/src/random.c
index 9688d35c..6f7ad2d1 100644
--- a/src/random.c
+++ b/src/random.c
@@ -16,6 +16,13 @@
 #include
 #endif
 
+#if defined(__has_feature)
+# if __has_feature(memory_sanitizer)
+# include
+# define WITH_MSAN 1
+# endif
+#endif
+
 #include "fido.h"
 
 #if defined(_WIN32)
@@ -45,6 +52,9 @@ int
 fido_get_random(void *buf, size_t len)
 {
 arc4random_buf(buf, len);
+#ifdef WITH_MSAN
+ __msan_unpoison(buf, len); /* XXX */
+#endif
 return (0);
 }
 #elif defined(HAVE_GETRANDOM)
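Review bot: The `/* XXX */` marker on the added `__msan_unpoison(buf, len);` line in the second hunk does not say why the buffer is being unpoisoned, and this call removes MSan's view of every byte handed back by the random source. I would replace the marker with the reason from the commit message, for example `/* MSAN does not see glibc's arc4random_buf() write to buf; mark it initialized */`. The unpoison covers exactly `len` bytes straight after a call that has no failure return, so it looks safe as written. A later edit that makes the fill conditional or partial would go unnoticed in sanitizer builds, and the comment should say that too. The `#elif` chain of the other `fido_get_random()` variants continues outside the hunk; presumably those paths need no equivalent, but that is worth confirming under the same fuzzer build.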