[vlc-devel] [PATCH] contrib: gnutls: fix forbidden calls in Winstore builds

Rémi Denis-Courmont remi at remlab.net
Tue Jun 9 17:31:10 CEST 2020 

Le tiistaina 9. kesäkuuta 2020, 14.11.22 EEST Steve Lhomme a écrit :
> Backport a UNICODE fix that was merged after the GnuTLS code freeze.
> 
> Forbid call to GetHandleInformation(). fcntl never goes in that code section
> in Winstore builds. It's only used for linux random number generation.

Patch OK.

FWIW, fnctl(F_SETFD) is probably wrong on Linux anyway. That function should 
be removed altogether.

> 
> Do not allow calling SecureZeroMemory which is forbidden which is forbidden
> and not available as an inline function in some cases.
> ---
>  ...t-assume-that-UNICODE-is-not-defined.patch | 111 ++++++++++++++++++
>  ...o-not-call-SecureZeroMemory-on-UWP-b.patch |  43 +++++++
>  ...l-GetHandleInformation-in-Winstore-a.patch |  41 +++++++
>  contrib/src/gnutls/rules.mak                  |  11 ++
>  4 files changed, 206 insertions(+)
>  create mode 100644
> contrib/src/gnutls/0001-Don-t-assume-that-UNICODE-is-not-defined.patch
> create mode 100644
> contrib/src/gnutls/0001-explicit_bzero-Do-not-call-SecureZeroMemory-on-UWP-
> b.patch create mode 100644
> contrib/src/gnutls/0001-fcntl-do-not-call-GetHandleInformation-in-Winstore-
> a.patch
> 
> diff --git
> a/contrib/src/gnutls/0001-Don-t-assume-that-UNICODE-is-not-defined.patch
> b/contrib/src/gnutls/0001-Don-t-assume-that-UNICODE-is-not-defined.patch
> new file mode 100644
> index 000000000000..23114a89ea75
> --- /dev/null
> +++ b/contrib/src/gnutls/0001-Don-t-assume-that-UNICODE-is-not-defined.patch
> @@ -0,0 +1,111 @@
> +From 57f80070ccd8461a224cc84b255844539ab72a8d Mon Sep 17 00:00:00 2001
> +From: Bruno Haible <bruno at clisp.org>
> +Date: Sat, 30 May 2020 11:04:02 +0200
> +Subject: [PATCH] Don't assume that UNICODE is not defined.
> +
> +Many Windows API functions are defined differently (redirecting to a
> +function with suffix 'W') if the application defines the macro UNICODE
> +than by default (redirecting to a function with suffix 'A').
> +
> +* gnutls/gl/clean-temp.c (OSVERSIONINFO, GetVersionEx): Redirect to the
> +variant with suffix 'A'.
> +* gnutls/gl/dirent-private.h (WIN32_FIND_DATA): Likewise.
> +* gnutls/gl/gc-gnulib.c (CryptAcquireContext): Likewise.
> +* gnutls/gl/getaddrinfo.c (GetModuleHandle): Likewise.
> +* gnutls/gl/getlogin.c (GetUserName): Likewise.
> +* gnutls/gl/getlogin_r.c (GetUserName): Likewise.
> +* gnutls/gl/gettimeofday.c (LoadLibrary): Likewise.
> +* gnutls/gl/isatty.c (LoadLibrary, QueryFullProcessImageName): Likewise.
> +* gnutls/gl/link.c (GetModuleHandle, CreateHardLink): Likewise.
> +* gnutls/gl/localename.c (GetLocaleInfo, EnumSystemLocales): Likewise.
> +* gnutls/gl/mountlist.c (GetDriveType): Likewise.
> +* gnutls/gl/nonblocking.c (GetNamedPipeHandleState): Likewise.
> +* gnutls/gl/opendir.c (WIN32_FIND_DATA, GetFullPathName, FindFirstFile):
> +Likewise.
> +* gnutls/gl/physmem.c (GetModuleHandle): Likewise.
> +* gnutls/gl/poll.c (GetModuleHandle, PeekConsoleInput, CreateEvent,
> +PeekMessage, DispatchMessage): Likewise.
> +* gnutls/gl/progreloc.c (GetModuleFileName): Likewise.
> +* gnutls/gl/putenv.c (SetEnvironmentVariable): Likewise.
> +* gnutls/gl/read.c (GetNamedPipeHandleState): Likewise.
> +* gnutls/gl/readdir.c (FindNextFile): Likewise.
> +* gnutls/gl/relocatable.c (GetModuleFileName): Likewise.
> +* gnutls/gl/rename.c (MoveFileEx): Likewise.
> +* gnutls/gl/rewinddir.c (FindFirstFile): Likewise.
> +* gnutls/gl/select.c (GetModuleHandle, PeekConsoleInput, CreateEvent,
> +PeekMessage, DispatchMessage): Likewise.
> +* gnutls/gl/sethostname.c (GetComputerNameEx, SetComputerNameEx): Likewise.
> +* gnutls/gl/socket.c (WSASocket): Likewise.
> +* gnutls/gl/stat-w32.c (LoadLibrary, GetFinalPathNameByHandle): Likewise.
> +* gnutls/gl/stat.c (WIN32_FIND_DATA, CreateFile, FindFirstFile): Likewise.
> +* gnutls/gl/stdio-read.c (GetNamedPipeHandleState): Likewise.
> +* gnutls/gl/stdio-write.c (GetNamedPipeHandleState): Likewise.
> +* gnutls/gl/tmpdir.c (GetTempPath): Likewise.
> +* gnutls/gl/tmpfile.c (OSVERSIONINFO, GetVersionEx, GetTempPath): Likewise.
> +* gnutls/gl/uname.c (OSVERSIONINFO, GetVersionEx): Likewise.
> +* gnutls/gl/utime.c (CreateFile, GetFileAttributes): Likewise.
> +* gnutls/gl/windows-cond.c (CreateEvent): Likewise.
> +* gnutls/gl/windows-rwlock.c (CreateEvent): Likewise.
> +* gnutls/gl/windows-timedmutex.c (CreateEvent): Likewise.
> +* gnutls/gl/windows-timedrecmutex.c (CreateEvent): Likewise.
> +* gnutls/gl/windows-timedrwlock.c (CreateEvent): Likewise.
> +* gnutls/gl/write.c (GetNamedPipeHandleState): Likewise.
> +---
> + gnutls/gl/gettimeofday.c          |  4 +++
> + gnutls/gl/stat-w32.c              |  6 +++++
> + gnutls/gl/stat.c                  |  7 ++++++
> + 40 files changed, 279 insertions(+), 27 deletions(-)
> +
> +diff --git gnutls/gl/gettimeofday.c gnutls/gl/gettimeofday.c
> +index 93914ba92..305ab984e 100644
> +--- gnutls/gl/gettimeofday.c
> ++++ gnutls/gl/gettimeofday.c
> +@@ -33,6 +33,10 @@
> +
> + #ifdef WINDOWS_NATIVE
> +
> ++/* Don't assume that UNICODE is not defined.  */
> ++# undef LoadLibrary
> ++# define LoadLibrary LoadLibraryA
> ++
> + # if !(_WIN32_WINNT >= _WIN32_WINNT_WIN8)
> +
> + /* Avoid warnings from gcc -Wcast-function-type.  */
> +diff --git gnutls/gl/stat-w32.c gnutls/gl/stat-w32.c
> +index cca12dd9c..19bdfaa37 100644
> +--- gnutls/gl/stat-w32.c
> ++++ gnutls/gl/stat-w32.c
> +@@ -40,6 +40,12 @@
> + #include "pathmax.h"
> + #include "verify.h"
> +
> ++/* Don't assume that UNICODE is not defined.  */
> ++#undef LoadLibrary
> ++#define LoadLibrary LoadLibraryA
> ++#undef GetFinalPathNameByHandle
> ++#define GetFinalPathNameByHandle GetFinalPathNameByHandleA
> ++
> + #if !(_WIN32_WINNT >= _WIN32_WINNT_VISTA)
> +
> + /* Avoid warnings from gcc -Wcast-function-type.  */
> +diff --git gnutls/gl/stat.c gnutls/gl/stat.c
> +index e074e6a0a..9d3965d3c 100644
> +--- gnutls/gl/stat.c
> ++++ gnutls/gl/stat.c
> +@@ -65,6 +65,13 @@ orig_stat (const char *filename, struct stat *buf)
> + # define WIN32_LEAN_AND_MEAN
> + # include <windows.h>
> + # include "stat-w32.h"
> ++/* Don't assume that UNICODE is not defined.  */
> ++# undef WIN32_FIND_DATA
> ++# define WIN32_FIND_DATA WIN32_FIND_DATAA
> ++# undef CreateFile
> ++# define CreateFile CreateFileA
> ++# undef FindFirstFile
> ++# define FindFirstFile FindFirstFileA
> + #endif
> +
> + #ifdef WINDOWS_NATIVE
> +--
> +2.26.0.windows.1
> +
> diff --git
> a/contrib/src/gnutls/0001-explicit_bzero-Do-not-call-SecureZeroMemory-on-UW
> P-b.patch
> b/contrib/src/gnutls/0001-explicit_bzero-Do-not-call-SecureZeroMemory-on-UW
> P-b.patch new file mode 100644
> index 000000000000..6e09b59e384d
> --- /dev/null
> +++
> b/contrib/src/gnutls/0001-explicit_bzero-Do-not-call-SecureZeroMemory-on-UW
> P-b.patch @@ -0,0 +1,43 @@
> +From 3c950e27a8d20603f100bf21d402f74355a495c1 Mon Sep 17 00:00:00 2001
> +From: Steve Lhomme <robux4 at ycbcr.xyz>
> +Date: Mon, 8 Jun 2020 16:07:59 +0200
> +Subject: [PATCH] explicit_bzero: Do not call SecureZeroMemory on UWP builds
> +
> +The call is forbidden:
> +https://docs.microsoft.com/en-us/previous-versions/windows/desktop/legacy/a
> a366877(v=vs.85) +
> +It's considered a legacy API and is implemented as an always inline
> function. +
> +There is no good replacement API that is available in UWP.
> +
> +Signed-off-by: Steve Lhomme <robux4 at ycbcr.xyz>
> +---
> + gnutls/gl/explicit_bzero.c | 5 ++++-
> + 1 file changed, 4 insertions(+), 1 deletion(-)
> +
> +diff --git gnutls/gl/explicit_bzero.c gnutls/gl/explicit_bzero.c
> +index b1df418e5..3b8cc4ea4 100644
> +--- gnutls/gl/explicit_bzero.c
> ++++ gnutls/gl/explicit_bzero.c
> +@@ -35,6 +35,9 @@
> + #if defined _WIN32 && !defined __CYGWIN__
> + # define  WIN32_LEAN_AND_MEAN
> + # include <windows.h>
> ++# if !defined WINAPI_FAMILY ||
> WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP) ++#  define
> USE_SECURE_ZERO_MEMORY
> ++# endif
> + #endif
> +
> + #if _LIBC
> +@@ -48,7 +51,7 @@
> + void
> + explicit_bzero (void *s, size_t len)
> + {
> +-#if defined _WIN32 && !defined __CYGWIN__
> ++#if defined USE_SECURE_ZERO_MEMORY
> +   (void) SecureZeroMemory (s, len);
> + #elif HAVE_EXPLICIT_MEMSET
> +   explicit_memset (s, '\0', len);
> +--
> +2.26.0.windows.1
> +
> diff --git
> a/contrib/src/gnutls/0001-fcntl-do-not-call-GetHandleInformation-in-Winstor
> e-a.patch
> b/contrib/src/gnutls/0001-fcntl-do-not-call-GetHandleInformation-in-Winstor
> e-a.patch new file mode 100644
> index 000000000000..9175fbed2437
> --- /dev/null
> +++
> b/contrib/src/gnutls/0001-fcntl-do-not-call-GetHandleInformation-in-Winstor
> e-a.patch @@ -0,0 +1,41 @@
> +From 0c8ca1736ee07c7d7dbce05108120cf4f8937bd0 Mon Sep 17 00:00:00 2001
> +From: Steve Lhomme <robux4 at ycbcr.xyz>
> +Date: Thu, 4 Jun 2020 10:15:38 +0200
> +Subject: [PATCH] fcntl: do not call GetHandleInformation() in Winstore apps
> +
> +The API is forbidden [1] and HANDLE_FLAG_INHERIT would never be set as
> exec() +is not allowed either [2].
> +
> +[1]
> https://docs.microsoft.com/en-us/windows/win32/api/handleapi/nf-handleapi-g
> ethandleinformation +[2]
> https://docs.microsoft.com/en-us/cpp/cppcx/crt-functions-not-supported-in-u
> niversal-windows-platform-apps +---
> + gl/fcntl.c | 7 +++++++
> + 1 file changed, 7 insertions(+)
> +
> +diff --git a/gl/fcntl.c b/gl/fcntl.c
> +index 6b9927ec4..e316ca306 100644
> +--- a/gl/fcntl.c
> ++++ b/gl/fcntl.c
> +@@ -229,12 +229,19 @@ fcntl (int fd, int action, /* arg */...)
> +       {
> + # if defined _WIN32 && ! defined __CYGWIN__
> +         HANDLE handle = (HANDLE) _get_osfhandle (fd);
> ++#  if WINAPI_FAMILY_PARTITION (WINAPI_PARTITION_DESKTOP)
> +         DWORD flags;
> +         if (handle == INVALID_HANDLE_VALUE
> +             || GetHandleInformation (handle, &flags) == 0)
> +           errno = EBADF;
> +         else
> +           result = (flags & HANDLE_FLAG_INHERIT) ? 0 : FD_CLOEXEC;
> ++#  else /* ! WINAPI_PARTITION_DESKTOP */
> ++        if (handle == INVALID_HANDLE_VALUE)
> ++          errno = EBADF;
> ++        else
> ++          result = 0;
> ++#  endif /* ! WINAPI_PARTITION_DESKTOP */
> + # else /* !W32 */
> +         /* Use dup2 to reject invalid file descriptors.  No way to
> +            access this information, so punt.  */
> +--
> +2.26.0.windows.1
> +
> diff --git a/contrib/src/gnutls/rules.mak b/contrib/src/gnutls/rules.mak
> index 7db4a149952b..191dd8040cad 100644
> --- a/contrib/src/gnutls/rules.mak
> +++ b/contrib/src/gnutls/rules.mak
> @@ -20,6 +20,17 @@ $(TARBALLS)/gnutls-$(GNUTLS_VERSION).tar.xz:
>  gnutls: gnutls-$(GNUTLS_VERSION).tar.xz .sum-gnutls
>  	$(UNPACK)
>  	$(APPLY) $(SRC)/gnutls/gnutls-fix-mangling.patch
> +
> +	# backport gnulib patch
> +	$(APPLY) $(SRC)/gnutls/0001-Don-t-assume-that-UNICODE-is-not-
defined.patch
> +
> +	# fix forbidden UWP call which can't be upstreamed as they won't
> +	# differentiate for winstore, only _WIN32_WINNT
> +	$(APPLY)
> $(SRC)/gnutls/0001-fcntl-do-not-call-GetHandleInformation-in-Winstore-a.pat
> ch +
> +	# forbidden RtlSecureZeroMemory call in winstore builds
> +	$(APPLY)
> $(SRC)/gnutls/0001-explicit_bzero-Do-not-call-SecureZeroMemory-on-UWP-b.pat
> ch +
>  	# disable the dllimport in static linking (pkg-config --static 
doesn't
> handle Cflags.private) cd $(UNPACK_DIR) && sed -i.orig -e s/"_SYM_EXPORT
> __declspec(dllimport)"/"_SYM_EXPORT"/g lib/includes/gnutls/gnutls.h.in
> ifdef HAVE_ANDROID


-- 
レミ・デニ-クールモン
http://www.remlab.net/

More information about the vlc-devel mailing list