FIPS review #1

ghost · 2019-07-29T10:54:41Z

Port _hmacopenssl to multiphase init.
Make _hmacopenssl.HMAC.copy create same type as self.
hmac.py cosmetic nitpick

* Port _hmacopenssl to multiphase init. * Make _hmacopenssl.HMAC.copy create same type as self. * hmac.py cosmetic nitpick

``` Direct leak of 8 byte(s) in 1 object(s) allocated from: #0 0x7f008bf19667 in __interceptor_malloc (/lib64/libasan.so.6+0xb0667) #1 0x7f007a0bee4a in subprocess_fork_exec /home/heimes/dev/python/cpython/Modules/_posixsubprocess.c:774 #2 0xe0305b in cfunction_call Objects/methodobject.c:546 ``` Signed-off-by: Christian Heimes <[email protected]>

* bpo-40791: Make compare_digest more constant-time. The existing volatile `left`/`right` pointers guarantee that the reads will all occur, but does not guarantee that they will be _used_. So a compiler can still short-circuit the loop, saving e.g. the overhead of doing the xors and especially the overhead of the data dependency between `result` and the reads. That would change performance depending on where the first unequal byte occurs. This change removes that optimization. (This is change #1 from https://bugs.python.org/issue40791 .)

* bpo-40791: Make compare_digest more constant-time. The existing volatile `left`/`right` pointers guarantee that the reads will all occur, but does not guarantee that they will be _used_. So a compiler can still short-circuit the loop, saving e.g. the overhead of doing the xors and especially the overhead of the data dependency between `result` and the reads. That would change performance depending on where the first unequal byte occurs. This change removes that optimization. (This is change GH-1 from https://bugs.python.org/issue40791 .) (cherry picked from commit 3172936) Co-authored-by: Devin Jeanpierre <[email protected]>

``` Direct leak of 8 byte(s) in 1 object(s) allocated from: GH-0 0x7f008bf19667 in __interceptor_malloc (/lib64/libasan.so.6+0xb0667) GH-1 0x7f007a0bee4a in subprocess_fork_exec /home/heimes/dev/python/cpython/Modules/_posixsubprocess.c:774 GH-2 0xe0305b in cfunction_call Objects/methodobject.c:546 ``` Signed-off-by: Christian Heimes <[email protected]> (cherry picked from commit 0d3350d) Co-authored-by: Christian Heimes <[email protected]>

* bpo-40791: Make compare_digest more constant-time. The existing volatile `left`/`right` pointers guarantee that the reads will all occur, but does not guarantee that they will be _used_. So a compiler can still short-circuit the loop, saving e.g. the overhead of doing the xors and especially the overhead of the data dependency between `result` and the reads. That would change performance depending on where the first unequal byte occurs. This change removes that optimization. (This is change GH-1 from https://bugs.python.org/issue40791 .) (cherry picked from commit 3172936) Co-authored-by: Devin Jeanpierre <[email protected]>

) Fix test_gdb.test_pycfunction() for Python built with clang -Og. Tolerate inlined functions in the gdb traceback. When _testcapimodule.c is built by clang -Og, _null_to_none() is inlined in meth_varargs() and so gdb returns _null_to_none() as the frame #1. If it's not inlined, meth_varargs() is the frame #1.

…python#91466) Fix an uninitialized bool in exception print context. `struct exception_print_context.need_close` was uninitialized. Found by oss-fuzz in a test case running under the undefined behavior sanitizer. https://oss-fuzz.com/testcase-detail/6217746058182656 ``` Python/pythonrun.c:1241:28: runtime error: load of value 253, which is not a valid value for type 'bool' #0 0xbf2203 in print_chained cpython3/Python/pythonrun.c:1241:28 #1 0xbea4bb in print_exception_cause_and_context cpython3/Python/pythonrun.c:1320:19 #2 0xbea4bb in print_exception_recursive cpython3/Python/pythonrun.c:1470:13 #3 0xbe9e39 in _PyErr_Display cpython3/Python/pythonrun.c:1517:9 ``` Pretty obvious what the ommission was upon code inspection.

…ythonGH-23767) The existing volatile `left`/`right` pointers guarantee that the reads will all occur, but does not guarantee that they will be _used_. So a compiler can still short-circuit the loop, saving e.g. the overhead of doing the xors and especially the overhead of the data dependency between `result` and the reads. That would change performance depending on where the first unequal byte occurs. This change removes that optimization. (This is change GH-1 from https://bugs.python.org/issue40791 .) (cherry picked from commit 3172936) Co-authored-by: Devin Jeanpierre <[email protected]>

…es (#1… (python#108688) This reverts commit 08447b5. Revert also _ctypes.c changes of the PyDict_ContainsString() change, commit 6726626.

…ython#119498) (#1… (python#119905) Revert "[3.12] pythongh-69214: Fix fcntl.ioctl() request type (python#119498) (python#119505)" This reverts commit 078da88. The change modified how negative values, like termios.TIOCSWINSZ, was treated and is actually backward incompatible.

Marcel Plch and others added 4 commits July 29, 2019 12:45

FIPS review

125430e

* Port _hmacopenssl to multiphase init. * Make _hmacopenssl.HMAC.copy create same type as self. * hmac.py cosmetic nitpick

revert cosmetic nitpick and remove trailing whitespace

a7996ce

Add initial tests for various hashes under FIPS mode

6b74d9e

Initialize HMAC type.

64863fb

encukou merged commit 64863fb into encukou:fips Aug 1, 2019

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

FIPS review #1

FIPS review #1

Uh oh!

ghost commented Jul 29, 2019

Uh oh!

Uh oh!

FIPS review #1

FIPS review #1

Uh oh!

Conversation

ghost commented Jul 29, 2019

Uh oh!

Uh oh!