[tbb-commits] [tor-browser-bundle/master] Bug 13169: Don't use /dev/random on Windows.
gk at torproject.org
gk at torproject.org
Mon Feb 16 16:15:01 UTC 2015
commit d4950e565f93396ebbd310c71e49576af9224d25
Author: Georg Koppen <gk at torproject.org>
Date: Mon Feb 16 17:13:47 2015 +0000
Bug 13169: Don't use /dev/random on Windows.
This patch was done by skruffy and is a backport of the one merged into
GCC trunk as commit 19fef1633156a2c7ddd267b43d08f1b245a6e1f4.
---
gitian/descriptors/windows/gitian-utils.yml | 5 ++
gitian/patches/gcc-dev-random.patch | 72 +++++++++++++++++++++++++++
2 files changed, 77 insertions(+)
diff --git a/gitian/descriptors/windows/gitian-utils.yml b/gitian/descriptors/windows/gitian-utils.yml
index 7846e59..bef262d 100644
--- a/gitian/descriptors/windows/gitian-utils.yml
+++ b/gitian/descriptors/windows/gitian-utils.yml
@@ -28,6 +28,7 @@ files:
- "gmp.tar.bz2"
- "enable-reloc-section-ld.patch"
- "peXXigen.patch"
+- "gcc-dev-random.patch"
- "versions"
- "dzip.sh"
script: |
@@ -64,6 +65,10 @@ script: |
mkdir gcc
cd gcc
tar -xjvf ../gcc.tar.bz2
+ cd gcc-*
+ # Don't use /dev/random on Windows. See bug 13169 for details.
+ patch -p1 < ../../gcc-dev-random.patch
+ cd ..
# We don't want to link against msvcrt.dll due to bug 9084.
i686-w64-mingw32-g++ -dumpspecs > ~/build/msvcr100.spec
sed 's/msvcrt/msvcr100/' -i ~/build/msvcr100.spec
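Review bot: The added `patch -p1 < ../../gcc-dev-random.patch` step has no visible failure check, so if the patch stops applying (for example after a GCC version bump touches libssp/ssp.c) the build could carry on with an unpatched libssp, unless the script runs under `set -e`, which is not visible in this hunk. The result would be a Windows toolchain that silently lacks the stack-guard fix, so the step is worth failing explicitly: `patch -p1 < ../../gcc-dev-random.patch || exit 1`. The preceding `cd gcc-*` also assumes the tarball unpacks to exactly one matching directory. The script body continues outside the hunk.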
diff --git a/gitian/patches/gcc-dev-random.patch b/gitian/patches/gcc-dev-random.patch
new file mode 100644
index 0000000..9757f92
--- /dev/null
+++ b/gitian/patches/gcc-dev-random.patch
@@ -0,0 +1,72 @@
+From b0ce14899060267b5b5e4d7e3d91edcdf5c09514 Mon Sep 17 00:00:00 2001
+From: law <law at 138bc75d-0d04-0410-961f-82ee72b054a4>
+Date: Tue, 10 Feb 2015 01:44:08 +0000
+Subject: [PATCH] * ssp.c (__guard_setup): For Windows, use approved methods
+ to get a suitable random number for the stack check guard
+ rather than reading /dev/random.
+
+git-svn-id: svn+ssh://gcc.gnu.org/svn/gcc/trunk@220559 138bc75d-0d04-0410-961f-82ee72b054a4
+---
+ libssp/ChangeLog | 7 +++++++
+ libssp/ssp.c | 16 ++++++++++++++++
+ 2 files changed, 23 insertions(+)
+
+diff --git a/libssp/ChangeLog b/libssp/ChangeLog
+index a445537..676d2a7 100644
+--- a/libssp/ChangeLog
++++ b/libssp/ChangeLog
+@@ -1,3 +1,10 @@
++2015-02-09 Georg Koppen <gk at torproject.org>
++
++ * ssp.c: Conditionally include <windows.h>
++ (__guard_setup): For Windows, use approved methods to get
++ a suitable random number for the stack check guard rather
++ than reading /dev/random.
++
+ 2014-07-16 Release Manager
+
+ * GCC 4.9.1 released.
+diff --git a/libssp/ssp.c b/libssp/ssp.c
+index 96adf17..38e3ec8 100644
+--- a/libssp/ssp.c
++++ b/libssp/ssp.c
+@@ -55,6 +55,7 @@ see the files COPYING3 and COPYING.RUNTIME respectively. If not, see
+ /* Native win32 apps don't know about /dev/tty but can print directly
+ to the console using "CONOUT$" */
+ #if defined (_WIN32) && !defined (__CYGWIN__)
++#include <windows.h>
+ # define _PATH_TTY "CONOUT$"
+ #else
+ # define _PATH_TTY "/dev/tty"
+@@ -75,6 +76,20 @@ __guard_setup (void)
+ if (__stack_chk_guard != 0)
+ return;
+
++#if defined (_WIN32) && !defined (__CYGWIN__)
++ HCRYPTPROV hprovider = 0;
++ if (CryptAcquireContext(&hprovider, NULL, NULL, PROV_RSA_FULL,
++ CRYPT_VERIFYCONTEXT | CRYPT_SILENT))
++ {
++ if (CryptGenRandom(hprovider, sizeof (__stack_chk_guard),
++ (BYTE *)&__stack_chk_guard) && __stack_chk_guard != 0)
++ {
++ CryptReleaseContext(hprovider, 0);
++ return;
++ }
++ CryptReleaseContext(hprovider, 0);
++ }
++#else
+ fd = open ("/dev/urandom", O_RDONLY);
+ if (fd != -1)
+ {
+@@ -85,6 +100,7 @@ __guard_setup (void)
+ return;
+ }
+
++#endif
+ /* If a random generator can't be used, the protector switches the guard
+ to the "terminator canary". */
+ p = (unsigned char *) &__stack_chk_guard;
+--
+1.7.10.4
+
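Review bot: In the Windows branch added to `__guard_setup` in libssp/ssp.c, a failure of `CryptAcquireContext` or `CryptGenRandom` (or a zero result) falls through silently to the code after `#endif`, so the guard becomes the non-random terminator canary and nothing records that this happened. This mirrors the existing `/dev/urandom` path, but the fall-through is easier to miss now that it crosses the `#else`/`#endif`. A comment just before `#else` would make it explicit, e.g. `/* CryptoAPI unavailable or returned 0: fall through to the terminator canary below. */`. The function starts and ends outside the hunk, so whether `fd` is left unused on Windows builds cannot be confirmed from here.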