[tor-browser-bundle/master] Bug 13169: Don't use /dev/random on Windows.
 
commit d4950e565f93396ebbd310c71e49576af9224d25 Author: Georg Koppen <gk@torproject.org> Date: Mon Feb 16 17:13:47 2015 +0000 Bug 13169: Don't use /dev/random on Windows. This patch got done by skruffy and is a backport of the one merged into GCC trunk as commit 19fef1633156a2c7ddd267b43d08f1b245a6e1f4.
---
 gitian/descriptors/windows/gitian-utils.yml | 5 ++
 gitian/patches/gcc-dev-random.patch | 72 +++++++++++++++++++++++++++
 2 files changed, 77 insertions(+)
diff --git a/gitian/descriptors/windows/gitian-utils.yml b/gitian/descriptors/windows/gitian-utils.yml
index 7846e59..bef262d 100644
--- a/gitian/descriptors/windows/gitian-utils.yml
+++ b/gitian/descriptors/windows/gitian-utils.yml
@@ -28,6 +28,7 @@ files:
 - "gmp.tar.bz2"
 - "enable-reloc-section-ld.patch"
 - "peXXigen.patch"
+- "gcc-dev-random.patch"
 - "versions"
 - "dzip.sh"
 script: |
@@ -64,6 +65,10 @@ script: |
 mkdir gcc
 cd gcc
 tar -xjvf ../gcc.tar.bz2
+ cd gcc-*
+ # Don't use /dev/random on Windows. See bug 13169 for details.
+ patch -p1 < ../../gcc-dev-random.patch
+ cd ..
 # We don't want to link against msvcrt.dll due to bug 9084.
 i686-w64-mingw32-g++ -dumpspecs > ~/build/msvcr100.spec
 sed 's/msvcrt/msvcr100/' -i ~/build/msvcr100.spec
diff --git a/gitian/patches/gcc-dev-random.patch b/gitian/patches/gcc-dev-random.patch
new file mode 100644
index 0000000..9757f92
--- /dev/null
+++ b/gitian/patches/gcc-dev-random.patch
@@ -0,0 +1,72 @@
+From b0ce14899060267b5b5e4d7e3d91edcdf5c09514 Mon Sep 17 00:00:00 2001
+From: law <law@138bc75d-0d04-0410-961f-82ee72b054a4>
+Date: Tue, 10 Feb 2015 01:44:08 +0000
+Subject: [PATCH] * ssp.c (__guard_setup): For Windows, use approved methods
+ to get a suitable random number for the stack check guard
+ rather than reading /dev/random.
+
+git-svn-id: svn+ssh://gcc.gnu.org/svn/gcc/trunk@220559 138bc75d-0d04-0410-961f-82ee72b054a4
+---
+ libssp/ChangeLog | 7 +++++++
+ libssp/ssp.c | 16 ++++++++++++++++
+ 2 files changed, 23 insertions(+)
+
+diff --git a/libssp/ChangeLog b/libssp/ChangeLog
+index a445537..676d2a7 100644
+--- a/libssp/ChangeLog
++++ b/libssp/ChangeLog
+@@ -1,3 +1,10 @@
++2015-02-09 Georg Koppen <gk@torproject.org>
++
++ * ssp.c: Conditionally include <windows.h>
++ (__guard_setup): For Windows, use approved methods to get
++ a suitable random number for the stack check guard rather
++ than reading /dev/random.
++
+ 2014-07-16 Release Manager
+
+ * GCC 4.9.1 released.
+diff --git a/libssp/ssp.c b/libssp/ssp.c
+index 96adf17..38e3ec8 100644
+--- a/libssp/ssp.c
++++ b/libssp/ssp.c
+@@ -55,6 +55,7 @@ see the files COPYING3 and COPYING.RUNTIME respectively.
If not, see
+ /* Native win32 apps don't know about /dev/tty but can print directly
+ to the console using "CONOUT$" */
+ #if defined (_WIN32) && !defined (__CYGWIN__)
++#include <windows.h>
+ # define _PATH_TTY "CONOUT$"
+ #else
+ # define _PATH_TTY "/dev/tty"
+@@ -75,6 +76,20 @@ __guard_setup (void)
+ if (__stack_chk_guard != 0)
+ return;
+
++#if defined (_WIN32) && !defined (__CYGWIN__)
++ HCRYPTPROV hprovider = 0;
++ if (CryptAcquireContext(&hprovider, NULL, NULL, PROV_RSA_FULL,
++ CRYPT_VERIFYCONTEXT | CRYPT_SILENT))
++ {
++ if (CryptGenRandom(hprovider, sizeof (__stack_chk_guard),
++ (BYTE *)&__stack_chk_guard) && __stack_chk_guard != 0)
++ {
++ CryptReleaseContext(hprovider, 0);
++ return;
++ }
++ CryptReleaseContext(hprovider, 0);
++ }
++#else
+ fd = open ("/dev/urandom", O_RDONLY);
+ if (fd != -1)
+ {
+@@ -85,6 +100,7 @@ __guard_setup (void)
+ return;
+ }
+
++#endif
+ /* If a random generator can't be used, the protector switches the guard
+ to the "terminator canary". */
+ p = (unsigned char *) &__stack_chk_guard;
+--
+1.7.10.4
+
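Review bot: In the `__guard_setup` hunk of the embedded libssp/ssp.c patch, a failure of `CryptAcquireContext` or `CryptGenRandom` drops silently into the fixed "terminator canary" after `#endif`, so a Windows build can run with a predictable stack guard and nothing records it. The same appears to hold for the existing /dev/urandom path, but the new branch should say so, for example `/* CRYPT_VERIFYCONTEXT: no key container needed; CRYPT_SILENT: never show UI. On any failure fall through to the terminator canary below. */`. `HCRYPTPROV hprovider = 0;` is declared after the early `return`, and `fd`, which is declared outside the hunk, looks unused on the Windows side, so guarding those declarations with the same `#if` would avoid new warnings. The body of `__guard_setup` starts and ends outside the visible hunks.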