diff options
author | delphij <delphij@FreeBSD.org> | 2016-01-27 07:41:31 +0000 |
---|---|---|
committer | delphij <delphij@FreeBSD.org> | 2016-01-27 07:41:31 +0000 |
commit | c6068befe92b8a57c14895fce91c3f9f484112ae (patch) | |
tree | b594030d53fff8bb3c208102e7c681b13bd35f59 /contrib/ntp/tests/libntp/authkeys.c | |
parent | 081d2796398eccde663726fb1d7073ada3146548 (diff) | |
download | FreeBSD-src-c6068befe92b8a57c14895fce91c3f9f484112ae.zip FreeBSD-src-c6068befe92b8a57c14895fce91c3f9f484112ae.tar.gz |
Fix multiple vulnerabilities of ntp. [SA-16:09]
Fix Linux compatibility layer issetugid(2) system call
vulnerability. [SA-16:10]
Security: FreeBSD-SA-16:09.ntp
Security: FreeBSD-SA-16:10.linux
Approved by: so
Diffstat (limited to 'contrib/ntp/tests/libntp/authkeys.c')
-rw-r--r-- | contrib/ntp/tests/libntp/authkeys.c | 40 |
1 files changed, 39 insertions, 1 deletions
diff --git a/contrib/ntp/tests/libntp/authkeys.c b/contrib/ntp/tests/libntp/authkeys.c index 2ddbce5..fd11ef6 100644 --- a/contrib/ntp/tests/libntp/authkeys.c +++ b/contrib/ntp/tests/libntp/authkeys.c @@ -13,6 +13,7 @@ # include "openssl/rand.h" # include "openssl/evp.h" #endif +#include <limits.h> u_long current_time = 4; int counter = 0; @@ -27,6 +28,7 @@ void test_HaveKeyCorrect(void); void test_HaveKeyIncorrect(void); void test_AddWithAuthUseKey(void); void test_EmptyKey(void); +void test_auth_log2(void); void @@ -70,7 +72,7 @@ AddTrustedKey(keyid_t keyno) * We need to add a MD5-key in addition to setting the * trust, because authhavekey() requires type != 0. */ - MD5auth_setkey(keyno, KEYTYPE, NULL, 0); + MD5auth_setkey(keyno, KEYTYPE, NULL, 0, NULL); authtrust(keyno, TRUE); @@ -158,3 +160,39 @@ test_EmptyKey(void) return; } + +/* test the implementation of 'auth_log2' -- use a local copy of the code */ + +static u_short +auth_log2( + size_t x) +{ + int s; + int r = 0; + size_t m = ~(size_t)0; + + for (s = sizeof(size_t) / 2 * CHAR_BIT; s != 0; s >>= 1) { + m <<= s; + if (x & m) + r += s; + else + x <<= s; + } + return (u_short)r; +} + +void +test_auth_log2(void) +{ + int l2; + size_t tv; + + TEST_ASSERT_EQUAL_INT(0, auth_log2(0)); + TEST_ASSERT_EQUAL_INT(0, auth_log2(1)); + for (l2 = 1; l2 < sizeof(size_t)*CHAR_BIT; ++l2) { + tv = (size_t)1 << l2; + TEST_ASSERT_EQUAL_INT(l2, auth_log2( tv )); + TEST_ASSERT_EQUAL_INT(l2, auth_log2( tv + 1 )); + TEST_ASSERT_EQUAL_INT(l2, auth_log2(2*tv - 1)); + } +} |