From 94cf335f2ec8f4e19250b873aba7ee4eddd7c0d2 Mon Sep 17 00:00:00 2001 From: Eugene Crosser Date: Sun, 5 Nov 2017 20:25:20 +0100 Subject: [PATCH] Initialize pad memory to pacify stack protectors - Initialize memory area that is being encrypted, because it is allocated rounded up to CBLKSIZE, and the last bytes are not used. If stack protector is active, it detects access to uninitialized memory. - Change default pamdir to /lib/${host_cpu}-${host_os}/security. - Fix a couple of compilation warnings. --- .gitignore | 1 + authobj.c | 9 +++++++++ configure.ac | 9 +++++---- pcsc_cr.c | 2 +- test_chalresp.c | 2 +- 5 files changed, 17 insertions(+), 6 deletions(-) diff --git a/.gitignore b/.gitignore index 0fb0193..9bad79d 100644 --- a/.gitignore +++ b/.gitignore @@ -12,6 +12,7 @@ Makefile Makefile.in aclocal.m4 autom4te.cache/ +compile config.guess config.h config.h.in diff --git a/authobj.c b/authobj.c index b402094..deba028 100644 --- a/authobj.c +++ b/authobj.c @@ -126,6 +126,15 @@ make_authobj(const char *userid, const char *password, const char *nonce, datasize = ((secsize + paylsize + HASHSIZE + 4 * sizeof(short) - 1) / CBLKSIZE + 1) * CBLKSIZE; data = alloca(datasize); + /* + We allocate memory rounded up to CBLKSIZE on the stack, but do not + use the last bytes. Stack protectors, if enabled, fill this memory + with `canary` value. Later, when encryption function is called, + stack protector detects that it tries to access "uninitialized + memory". Which, while technically true, is not an error. Still, + let us make stack protector happy by initializing the whole area: + */ + memset(data, 0, datasize); serial_init(&srl, data, datasize); if (serial_put(&srl, secret, secsize) != secsize) { ao.err = "authobj: serialization of secret failed"; diff --git a/configure.ac b/configure.ac index 0fc618e..e6bd59a 100644 --- a/configure.ac +++ b/configure.ac 
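Review bot: The comment added above `memset(data, 0, datasize)` calls the uninitialized tail "not an error", but the commit message says this area is what gets encrypted, so without the memset the padding up to the CBLKSIZE boundary would carry leftover stack contents into the encrypted object and make its bytes depend on prior stack use. I would reword the comment to state that reason, e.g. `/* Zero the whole block-aligned buffer: the padding tail is encrypted too and must not contain stale stack data. */`. The attribution also looks off: a stack protector checks a canary on function return and does not track uninitialized reads, so the report presumably came from a memory checker, which the comment could name. Separately, `datasize` is derived from `secsize + paylsize` and handed to `alloca()`, which has no failure return; make_authobj starts and ends outside this hunk, so confirm those sizes are bounded before this point.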
@@ -1,6 +1,6 @@ dnl Process this file with autoconf to produce a configure script. -AC_INIT([pam_pcsc_cr], 0.9.3) +AC_INIT([pam_pcsc_cr], 0.9.4) AC_CONFIG_SRCDIR([pam_pcsc_cr.c]) AC_CONFIG_MACRO_DIR([m4]) AM_INIT_AUTOMAKE @@ -28,13 +28,14 @@ AC_CHECK_HEADERS([security/pam_modules.h security/pam_ext.h], [], [], [ ]) AC_CHECK_LIB([pam], [pam_start]) AC_CHECK_FUNCS([pam_get_authtok]) +pamdir=/lib/${host_cpu}-${host_os}/security AC_ARG_WITH(pam-dir, - [ --with-pam-dir=DIR path to install the PAM module (/lib/security)], + [ --with-pam-dir=DIR path to install the PAM module (${pamdir})], [PAMDIR="$withval"], [ case $prefix in -*/_inst) PAMDIR='${exec_prefix}/lib/security' ;; -*) PAMDIR=/lib/security ;; +*/_inst) PAMDIR="${prefix}${pamdir}" ;; +*) PAMDIR=${pamdir} ;; esac ]) AC_SUBST(PAMDIR) diff --git a/pcsc_cr.c b/pcsc_cr.c index 984f73b..7f2ccff 100644 --- a/pcsc_cr.c +++ b/pcsc_cr.c @@ -132,7 +132,7 @@ free_out: return rc; } -char *pcsc_errstr(long err) { +const char *pcsc_errstr(long err) { return pcsc_stringify_error(err); } diff --git a/test_chalresp.c b/test_chalresp.c index 5fda704..4f0c3e0 100644 --- a/test_chalresp.c +++ b/test_chalresp.c @@ -30,7 +30,7 @@ freely, subject to the following restrictions: #include #include "pcsc_cr.h" -static void usage(const char const *cmd) +static void usage(const char *const cmd) { fprintf(stderr, "usage: %s [-o backend:name=value] ... \"challenge\"\n", -- 2.39.2
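Review bot: The new default `pamdir=/lib/${host_cpu}-${host_os}/security` relies on `host_cpu` and `host_os`, which are only set once `AC_CANONICAL_HOST` has run; no such call is visible in either configure.ac hunk, and if nothing else pulls it in the default collapses to `/lib/-/security`. Even with both variables set, the triplet-style path looks like a Debian multiarch layout, and on systems that keep PAM modules elsewhere the module would be installed where the PAM stack does not look for it. Consider testing at configure time that the directory exists and otherwise falling back to the previous `/lib/security`, or stopping with a message that points to `--with-pam-dir`. The help string will probably print `${pamdir}` literally, since configure emits help text without shell expansion.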
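Review bot: The return type of `pcsc_errstr` changes to `const char *` here, but pcsc_cr.h, which test_chalresp.c includes, is not among the five files in this commit's diffstat. If the header still declares `char *pcsc_errstr(long err);` the two declarations conflict, so confirm the prototype there already reads `const char *pcsc_errstr(long err);`. Callers that store the result in a plain `char *` would also need the qualifier.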