RuhNetConsulting
/
rtpengine
mirror of https://github.com/sipwise/rtpengine
1
1
Fork 0
Code Issues 0 Projects 0 Releases 822 Wiki Activity
Browse Source

TT#108003 Stop using random() 

While these usages are not supposed to be security sensitive, it's still
best to avoid the usage altogether so that we do not need to think about
it. Add a taint macro so that this does not regress in the future.

Change-Id: Ic75861ed1b7ce9dfca4f897de8be2408204ce3cb
Warned-by: coverity
pull/1194/head
Guillem Jover 5 years ago
parent
abb281daac
commit
962479bd63
7 changed files with 23 additions and 14 deletions
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +3
    -3
      daemon/codec.c
  2. +3
    -3
      daemon/media_player.c
  3. +1
    -1
      daemon/sdp.c
  4. +3
    -3
      daemon/ssrc.c
  5. +10
    -0
      include/aux.h
  6. +0
    -3
      lib/ssllib.c
  7. +3
    -1
      t/test-transcode.c

+ 3
- 3
daemon/codec.c View File

@ -368,7 +368,7 @@ struct codec_handler *codec_handler_make_playback(const struct rtp_payload_type
handler->ssrc_handler = (void *) __ssrc_handler_transcode_new(handler);
handler->ssrc_handler->first_ts = last_ts;
while (handler->ssrc_handler->first_ts == 0)
handler->ssrc_handler->first_ts = random();
handler->ssrc_handler->first_ts = ssl_random();
handler->ssrc_handler->rtp_mark = 1;
ilogs(codec, LOG_DEBUG, "Created media playback context for " STR_FORMAT " -> " STR_FORMAT "",
@ -1194,7 +1194,7 @@ static void __rtcp_timer_run(struct timerthread_queue *q, void *p) {
__rtcp_timer_free(rt);
goto out;
}
timeval_add_usec(&rtcp_timer, 5000000 + (random() % 2000000));
timeval_add_usec(&rtcp_timer, 5000000 + (ssl_random() % 2000000));
media->rtcp_timer = rtcp_timer;
__codec_rtcp_timer_schedule(media);
@ -1232,7 +1232,7 @@ static void __codec_rtcp_timer(struct call_media *receiver) {
return;
receiver->rtcp_timer = rtpe_now;
timeval_add_usec(&receiver->rtcp_timer, 5000000 + (random() % 2000000));
timeval_add_usec(&receiver->rtcp_timer, 5000000 + (ssl_random() % 2000000));
__codec_rtcp_timer_schedule(receiver);
// XXX unify with media player into a generic RTCP player
}


+ 3
- 3
daemon/media_player.c View File

@ -107,7 +107,7 @@ struct media_player *media_player_new(struct call_monologue *ml) {
uint32_t ssrc = 0;
while (ssrc == 0)
ssrc = random();
ssrc = ssl_random();
struct ssrc_ctx *ssrc_ctx = get_ssrc_ctx(ssrc, ml->call->ssrc_hash, SSRC_DIR_OUTPUT, ml);
ssrc_ctx->next_rtcp = rtpe_now;
@ -119,7 +119,7 @@ struct media_player *media_player_new(struct call_monologue *ml) {
mp->run_func = media_player_read_packet; // default
mp->call = obj_get(ml->call);
mp->ml = ml;
mp->seq = random();
mp->seq = ssl_random();
mp->ssrc_out = ssrc_ctx;
av_init_packet(&mp->pkt);
@ -174,7 +174,7 @@ static void send_timer_rtcp(struct send_timer *st, struct ssrc_ctx *ssrc_out) {
// XXX missing locking?
ssrc_out->next_rtcp = rtpe_now;
timeval_add_usec(&ssrc_out->next_rtcp, 5000000 + (random() % 2000000));
timeval_add_usec(&ssrc_out->next_rtcp, 5000000 + (ssl_random() % 2000000));
}


+ 1
- 1
daemon/sdp.c View File

@ -2455,7 +2455,7 @@ int sdp_replace(struct sdp_chopper *chop, GQueue *sessions, struct call_monologu
if (!monologue->sdp_version) {
monologue->sdp_version = session->origin.version_num;
if (monologue->sdp_version == 0 || monologue->sdp_version == ULLONG_MAX)
monologue->sdp_version = random();
monologue->sdp_version = ssl_random();
}
sess_conn = 0;


+ 3
- 3
daemon/ssrc.c View File

@ -14,7 +14,7 @@ static void init_ssrc_ctx(struct ssrc_ctx *c, struct ssrc_entry_call *parent) {
c->parent = parent;
payload_tracker_init(&c->tracker);
while (!c->ssrc_map_out)
c->ssrc_map_out = random();
c->ssrc_map_out = ssl_random();
}
static void init_ssrc_entry(struct ssrc_entry *ent, u_int32_t ssrc) {
ent->ssrc = ssrc;
@ -26,8 +26,8 @@ static struct ssrc_entry *create_ssrc_entry_call(void *uptr) {
ent = obj_alloc0("ssrc_entry_call", sizeof(*ent), __free_ssrc_entry_call);
init_ssrc_ctx(&ent->input_ctx, ent);
init_ssrc_ctx(&ent->output_ctx, ent);
//ent->seq_out = random();
//ent->ts_out = random();
//ent->seq_out = ssl_random();
//ent->ts_out = ssl_random();
return &ent->h;
}
static void add_ssrc_entry(u_int32_t ssrc, struct ssrc_entry *ent, struct ssrc_hash *ht) {


+ 10
- 0
include/aux.h View File

@ -242,6 +242,16 @@ INLINE int rlim(int res, rlim_t val) {
/*** TAINT FUNCTIONS ***/
#define taint_func(symbol, reason) \
__typeof__(symbol) symbol __attribute__((__error__(reason)))
taint_func(rand, "use ssl_random() instead");
taint_func(random, "use ssl_random() instead");
taint_func(srandom, "use RAND_seed() instead");
/*** INET ADDRESS HELPERS ***/


+ 0
- 3
lib/ssllib.c View File

@ -39,9 +39,6 @@ static void make_OpenSSL_thread_safe(void) {
void rtpe_ssl_init(void) {
struct timespec ts;
clock_gettime(CLOCK_REALTIME, &ts);
srandom(ts.tv_sec ^ ts.tv_nsec);
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
SSL_library_init();
SSL_load_error_strings();


+ 3
- 1
t/test-transcode.c View File

@ -333,8 +333,10 @@ static void dtmf(const char *s) {
#define AMR_WB_payload_noe "\xf1\xfc\xc1\x82\x04\x1d\xcc\x88\xc8\x34\xd4\x18\x84\xb1\xdf\x38\xba\xa1\x03\x9b\xbd\x13\x79\x1f\xf2\x53\x33\x16\x17\x7b\x73\x17\x5f\x1b\x05\x1f\x70" // bandwidth efficient
int main(void) {
unsigned long random_seed = 0;
codeclib_init(0);
srandom(time(NULL));
RAND_seed(&random_seed, sizeof(random_seed));
statistics_init();
codecs_init();


Write Preview
Loading…
Cancel
Save