yggdrasil/ring
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add magic tag to BoringSSL binaries.

Browse Source 
There are cases where people grep binaries for strings like OpenSSL
version strings in order to detect when out-dated versions of libraries
are being used. With BoringSSL you might find "OpenSSL 1.1.1
(compatible; BoringSSL)", if the linker didn't discard it, but that's
not very helpful for knowing how up-to-date BoringSSL is because we
hardly ever change it.

This change adds a distinct random value to search for that uniquely
identifies BoringSSL and includes a rough guide to how old the BoringSSL
copy is. The linker will hopefully not discard it because it's
refereneced from |OPENSSL_malloc|.

Change-Id: Ie2259fd17a55d249a538a8a161b0d755396dd7b8
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/49885
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: Adam Langley <agl@google.com>
This commit is contained in:
Adam Langley 2021-10-12 12:43:14 -07:00 committed by Boringssl LUCI CQ
parent 1dcdbdad91
commit 89386ac89b
1 changed files with 18 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
crypto/mem.c
View File

@ -125,6 +125,16 @@ WEAK_SYMBOL_FUNC(void*, OPENSSL_memory_alloc, (size_t size));
WEAK_SYMBOL_FUNC(void, OPENSSL_memory_free, (void *ptr));
WEAK_SYMBOL_FUNC(size_t, OPENSSL_memory_get_size, (void *ptr));
// kBoringSSLBinaryTag is a distinctive byte sequence to identify binaries that
// are linking in BoringSSL and, roughly, what version they are using.
static const uint8_t kBoringSSLBinaryTag[18] = {
// 16 bytes of magic tag.
0x8c, 0x62, 0x20, 0x0b, 0xd2, 0xa0, 0x72, 0x58,
0x44, 0xa8, 0x96, 0x69, 0xad, 0x55, 0x7e, 0xec,
// Current source iteration. Incremented ~monthly.
1, 0,
};
void *OPENSSL_malloc(size_t size) {
if (OPENSSL_memory_alloc != NULL) {
assert(OPENSSL_memory_free != NULL);
@ -133,6 +143,14 @@ void *OPENSSL_malloc(size_t size) {
}
if (size + OPENSSL_MALLOC_PREFIX < size) {
// |OPENSSL_malloc| is a central function in BoringSSL thus a reference to
// |kBoringSSLBinaryTag| is created here so that the tag isn't discarded by
// the linker. The following is sufficient to stop GCC, Clang, and MSVC
// optimising away the reference at the time of writing. Since this
// probably results in an actual memory reference, it is put in this very
// rare code path.
uint8_t unused = *(volatile uint8_t *)kBoringSSLBinaryTag;
(void) unused;
return NULL;
}