From e03e287aa2aad3ea993ed9513b6bb3f0bdf889a2 Mon Sep 17 00:00:00 2001
From: Brent Cook <bcook@cvs.openbsd.org>
Date: Sat, 27 Mar 2021 11:17:59 +0000
Subject: Handle dynamic definition of SIGSTKSZ as of glibc 2.34 on Linux.

ok bluhm@, inoguchi@, tb@, deraadt@
---
 regress/lib/libc/explicit_bzero/explicit_bzero.c | 31 ++++++++++++++++++------
 1 file changed, 24 insertions(+), 7 deletions(-)

(limited to 'regress/lib')

diff --git a/regress/lib/libc/explicit_bzero/explicit_bzero.c b/regress/lib/libc/explicit_bzero/explicit_bzero.c
index 34c60baa8a6..9c0e917829f 100644
--- a/regress/lib/libc/explicit_bzero/explicit_bzero.c
+++ b/regress/lib/libc/explicit_bzero/explicit_bzero.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: explicit_bzero.c,v 1.6 2014/07/11 01:10:35 matthew Exp $	*/
+/*	$OpenBSD: explicit_bzero.c,v 1.7 2021/03/27 11:17:58 bcook Exp $	*/
 /*
  * Copyright (c) 2014 Google Inc.
  *
@@ -18,6 +18,7 @@
 #include <assert.h>
 #include <errno.h>
 #include <signal.h>
+#include <stdlib.h>
 #include <string.h>
 #include <unistd.h>
 
@@ -36,19 +37,33 @@ enum {
 	SECRETBYTES = SECRETCOUNT * sizeof(secret)
 };
 
-static char altstack[SIGSTKSZ + SECRETBYTES];
+/*
+ * As of glibc 2.34, when _GNU_SOURCE is defined, SIGSTKSZ is no longer
+ * constant on Linux. SIGSTKSZ is redefined to sysconf (_SC_SIGSTKSZ).
+ */
+static char *altstack;
+#define ALTSTACK_SIZE (SIGSTKSZ + SECRETBYTES)
 
 static void
 setup_stack(void)
 {
+	altstack = calloc(1, ALTSTACK_SIZE);
+	ASSERT_NE(NULL, altstack);
+
 	const stack_t sigstk = {
 		.ss_sp = altstack,
-		.ss_size = sizeof(altstack),
+		.ss_size = ALTSTACK_SIZE
 	};
 
 	ASSERT_EQ(0, sigaltstack(&sigstk, NULL));
 }
 
+static void
+cleanup_stack(void)
+{
+	free(altstack);
+}
+
 static void
 assert_on_stack(void)
 {
@@ -129,7 +144,7 @@ test_without_bzero()
 	char buf[SECRETBYTES];
 	assert_on_stack();
 	populate_secret(buf, sizeof(buf));
-	char *res = memmem(altstack, sizeof(altstack), buf, sizeof(buf));
+	char *res = memmem(altstack, ALTSTACK_SIZE, buf, sizeof(buf));
 	ASSERT_NE(NULL, res);
 	return (res);
 }
@@ -140,7 +155,7 @@ test_with_bzero()
 	char buf[SECRETBYTES];
 	assert_on_stack();
 	populate_secret(buf, sizeof(buf));
-	char *res = memmem(altstack, sizeof(altstack), buf, sizeof(buf));
+	char *res = memmem(altstack, ALTSTACK_SIZE, buf, sizeof(buf));
 	ASSERT_NE(NULL, res);
 	explicit_bzero(buf, sizeof(buf));
 	return (res);
@@ -183,15 +198,17 @@ main()
 	 * on the stack.  This sanity checks that call_on_stack() and
 	 * populate_secret() work as intended.
 	 */
-	memset(altstack, 0, sizeof(altstack));
+	memset(altstack, 0, ALTSTACK_SIZE);
 	call_on_stack(do_test_without_bzero);
 
 	/*
 	 * Now test with a call to explicit_bzero() and check that we
 	 * *don't* find any instances of the secret data.
 	 */
-	memset(altstack, 0, sizeof(altstack));
+	memset(altstack, 0, ALTSTACK_SIZE);
 	call_on_stack(do_test_with_bzero);
 
+	cleanup_stack();
+
 	return (0);
 }
-- 
cgit v1.2.3