Merge pull request from GHSA-8r8p-23f3-64c2

* segment random number generation into own file

* abstract random code to make it more modular so we can have multiple backends

* rand: add support for arc4random_buf() and also direct CARES_RANDOM_FILE reading

* autotools: fix detection of arc4random_buf

* rework initial rc4 seed for PRNG as last fallback

* rc4: more proper implementation, simplified for clarity

* clarifications

Author: bradh352

CMakeLists.txt

@@ -393,6 +393,8 @@ CHECK_SYMBOL_EXISTS (strncasecmp     "${CMAKE_EXTRA_INCLUDE_FILES}" HAVE_STRNCAS
 CHECK_SYMBOL_EXISTS (strncmpi        "${CMAKE_EXTRA_INCLUDE_FILES}" HAVE_STRNCMPI)
 CHECK_SYMBOL_EXISTS (strnicmp        "${CMAKE_EXTRA_INCLUDE_FILES}" HAVE_STRNICMP)
 CHECK_SYMBOL_EXISTS (writev          "${CMAKE_EXTRA_INCLUDE_FILES}" HAVE_WRITEV)
+CHECK_SYMBOL_EXISTS (arc4random_buf  "${CMAKE_EXTRA_INCLUDE_FILES}" HAVE_ARC4RANDOM_BUF)
+
 
 # On Android, the system headers may define __system_property_get(), but excluded
 # from libc.  We need to perform a link test instead of a header/symbol test.

configure.ac

@@ -683,6 +683,7 @@ CARES_CHECK_FUNC_STRNCASECMP
 CARES_CHECK_FUNC_STRNCMPI
 CARES_CHECK_FUNC_STRNICMP
 CARES_CHECK_FUNC_WRITEV
+CARES_CHECK_FUNC_ARC4RANDOM_BUF
 
 
 dnl check for AF_INET6

m4/cares-functions.m4

@@ -3753,3 +3753,88 @@ AC_DEFUN([CARES_CHECK_FUNC_WRITEV], [
     ac_cv_func_writev="no"
   fi
 ])
+
+dnl CARES_CHECK_FUNC_ARC4RANDOM_BUF
+dnl -------------------------------------------------
+dnl Verify if arc4random_buf is available, prototyped, and
+dnl can be compiled. If all of these are true, and
+dnl usage has not been previously disallowed with
+dnl shell variable cares_disallow_arc4random_buf, then
+dnl HAVE_ARC4RANDOM_BUF will be defined.
+
+AC_DEFUN([CARES_CHECK_FUNC_ARC4RANDOM_BUF], [
+  AC_REQUIRE([CARES_INCLUDES_STDLIB])dnl
+  #
+  tst_links_arc4random_buf="unknown"
+  tst_proto_arc4random_buf="unknown"
+  tst_compi_arc4random_buf="unknown"
+  tst_allow_arc4random_buf="unknown"
+  #
+  AC_MSG_CHECKING([if arc4random_buf can be linked])
+  AC_LINK_IFELSE([
+    AC_LANG_FUNC_LINK_TRY([arc4random_buf])
+  ],[
+    AC_MSG_RESULT([yes])
+    tst_links_arc4random_buf="yes"
+  ],[
+    AC_MSG_RESULT([no])
+    tst_links_arc4random_buf="no"
+  ])
+  #
+  if test "$tst_links_arc4random_buf" = "yes"; then
+    AC_MSG_CHECKING([if arc4random_buf is prototyped])
+    AC_EGREP_CPP([arc4random_buf],[
+      $cares_includes_stdlib
+    ],[
+      AC_MSG_RESULT([yes])
+      tst_proto_arc4random_buf="yes"
+    ],[
+      AC_MSG_RESULT([no])
+      tst_proto_arc4random_buf="no"
+    ])
+  fi
+  #
+  if test "$tst_proto_arc4random_buf" = "yes"; then
+    AC_MSG_CHECKING([if arc4random_buf is compilable])
+    AC_COMPILE_IFELSE([
+      AC_LANG_PROGRAM([[
+        $cares_includes_stdlib
+      ]],[[
+          arc4random_buf(NULL, 0);
+          return 1;
+      ]])
+    ],[
+      AC_MSG_RESULT([yes])
+      tst_compi_arc4random_buf="yes"
+    ],[
+      AC_MSG_RESULT([no])
+      tst_compi_arc4random_buf="no"
+    ])
+  fi
+  #
+  if test "$tst_compi_arc4random_buf" = "yes"; then
+    AC_MSG_CHECKING([if arc4random_buf usage allowed])
+    if test "x$cares_disallow_arc4random_buf" != "xyes"; then
+      AC_MSG_RESULT([yes])
+      tst_allow_arc4random_buf="yes"
+    else
+      AC_MSG_RESULT([no])
+      tst_allow_arc4random_buf="no"
+    fi
+  fi
+  #
+  AC_MSG_CHECKING([if arc4random_buf might be used])
+  if test "$tst_links_arc4random_buf" = "yes" &&
+     test "$tst_proto_arc4random_buf" = "yes" &&
+     test "$tst_compi_arc4random_buf" = "yes" &&
+     test "$tst_allow_arc4random_buf" = "yes"; then
+    AC_MSG_RESULT([yes])
+    AC_DEFINE_UNQUOTED(HAVE_ARC4RANDOM_BUF, 1,
+      [Define to 1 if you have the arc4random_buf function.])
+    ac_cv_func_arc4random_buf="yes"
+  else
+    AC_MSG_RESULT([no])
+    ac_cv_func_arc4random_buf="no"
+  fi
+])
+

src/lib/Makefile.inc

@@ -45,6 +45,7 @@ CSOURCES = ares__addrinfo2hostent.c	\
   ares_platform.c			\
   ares_process.c			\
   ares_query.c				\
+  ares_rand.c \
   ares_search.c				\
   ares_send.c				\
   ares_strcasecmp.c			\

src/lib/ares_config.h.cmake

@@ -346,6 +346,9 @@
 /* Define to 1 if you need the memory.h header file even with stdlib.h */
 #cmakedefine NEED_MEMORY_H
 
+/* Define if have arc4random_buf() */
+#cmakedefine HAVE_ARC4RANDOM_BUF
+
 /* a suitable file/device to read random data from */
 #cmakedefine CARES_RANDOM_FILE "@CARES_RANDOM_FILE@"
 

src/lib/ares_destroy.c

@@ -95,6 +95,9 @@ void ares_destroy(ares_channel channel)
   if (channel->hosts_path)
     ares_free(channel->hosts_path);
 
+  if (channel->rand_state)
+    ares__destroy_rand_state(channel->rand_state);
+
   ares_free(channel);
 }
 

src/lib/ares_init.c

@@ -61,17 +61,6 @@
 #undef WIN32  /* Redefined in MingW/MSVC headers */
 #endif
 
-/* Define RtlGenRandom = SystemFunction036.  This is in advapi32.dll.  There is
- * no need to dynamically load this, other software used widely does not.
- * http://blogs.msdn.com/michael_howard/archive/2005/01/14/353379.aspx
- * https://docs.microsoft.com/en-us/windows/win32/api/ntsecapi/nf-ntsecapi-rtlgenrandom
- */
-#ifdef _WIN32
-BOOLEAN WINAPI SystemFunction036(PVOID RandomBuffer, ULONG RandomBufferLength);
-#  ifndef RtlGenRandom
-#    define RtlGenRandom(a,b) SystemFunction036(a,b)
-#  endif
-#endif
 
 static int init_by_options(ares_channel channel,
                            const struct ares_options *options,
@@ -87,7 +76,6 @@ static int config_nameserver(struct server_state **servers, int *nservers,
 static int set_search(ares_channel channel, const char *str);
 static int set_options(ares_channel channel, const char *str);
 static const char *try_option(const char *p, const char *q, const char *opt);
-static int init_id_key(rc4_key* key,int key_data_len);
 
 static int config_sortlist(struct apattern **sortlist, int *nsort,
                            const char *str);
@@ -165,6 +153,7 @@ int ares_init_options(ares_channel *channelptr, struct ares_options *options,
   channel->sock_func_cb_data = NULL;
   channel->resolvconf_path = NULL;
   channel->hosts_path = NULL;
+  channel->rand_state = NULL;
 
   channel->last_server = 0;
   channel->last_timeout_processed = (time_t)now.tv_sec;
@@ -218,9 +207,13 @@ int ares_init_options(ares_channel *channelptr, struct ares_options *options,
   /* Generate random key */
 
   if (status == ARES_SUCCESS) {
-    status = init_id_key(&channel->id_key, ARES_ID_KEY_LEN);
+    channel->rand_state = ares__init_rand_state();
+    if (channel->rand_state == NULL) {
+      status = ARES_ENOMEM;
+    }
+
     if (status == ARES_SUCCESS)
-      channel->next_id = ares__generate_new_id(&channel->id_key);
+      channel->next_id = ares__generate_new_id(channel->rand_state);
     else
       DEBUGF(fprintf(stderr, "Error: init_id_key failed: %s\n",
                      ares_strerror(status)));
@@ -242,6 +235,8 @@ int ares_init_options(ares_channel *channelptr, struct ares_options *options,
         ares_free(channel->resolvconf_path);
       if(channel->hosts_path)
         ares_free(channel->hosts_path);
+      if (channel->rand_state)
+        ares__destroy_rand_state(channel->rand_state);
       ares_free(channel);
       return status;
     }
@@ -2182,72 +2177,6 @@ static int sortlist_alloc(struct apattern **sortlist, int *nsort,
 }
 
 
-/* initialize an rc4 key. If possible a cryptographically secure random key
-   is generated using a suitable function otherwise the code defaults to
-   cross-platform albeit less secure mechanism using rand
-*/
-static void randomize_key(unsigned char* key,int key_data_len)
-{
-  int randomized = 0;
-  int counter=0;
-#ifdef WIN32
-  BOOLEAN res;
-
-  res = RtlGenRandom(key, key_data_len);
-  if (res)
-    randomized = 1;
-
-#else /* !WIN32 */
-#  ifdef CARES_RANDOM_FILE
-  FILE *f = fopen(CARES_RANDOM_FILE, "rb");
-  if(f) {
-    setvbuf(f, NULL, _IONBF, 0);
-    counter = aresx_uztosi(fread(key, 1, key_data_len, f));
-    fclose(f);
-  }
-#  endif
-#endif /* WIN32 */
-
-  if (!randomized) {
-    for (;counter<key_data_len;counter++)
-      key[counter]=(unsigned char)(rand() % 256);  /* LCOV_EXCL_LINE */
-  }
-}
-
-static int init_id_key(rc4_key* key,int key_data_len)
-{
-  unsigned char index1;
-  unsigned char index2;
-  unsigned char* state;
-  short counter;
-  unsigned char *key_data_ptr = 0;
-
-  key_data_ptr = ares_malloc(key_data_len);
-  if (!key_data_ptr)
-    return ARES_ENOMEM;
-  memset(key_data_ptr, 0, key_data_len);
-
-  state = &key->state[0];
-  for(counter = 0; counter < 256; counter++)
-    /* unnecessary AND but it keeps some compilers happier */
-    state[counter] = (unsigned char)(counter & 0xff);
-  randomize_key(key->state,key_data_len);
-  key->x = 0;
-  key->y = 0;
-  index1 = 0;
-  index2 = 0;
-  for(counter = 0; counter < 256; counter++)
-  {
-    index2 = (unsigned char)((key_data_ptr[index1] + state[counter] +
-                              index2) % 256);
-    ARES_SWAP_BYTE(&state[counter], &state[index2]);
-
-    index1 = (unsigned char)((index1 + 1) % key_data_len);
-  }
-  ares_free(key_data_ptr);
-  return ARES_SUCCESS;
-}
-
 void ares_set_local_ip4(ares_channel channel, unsigned int local_ip)
 {
   channel->local_ip4 = local_ip;

src/lib/ares_private.h

@@ -101,8 +101,6 @@ W32_FUNC const char *_w32_GetHostsFile (void);
 
 #endif
 
-#define ARES_ID_KEY_LEN 31
-
 #include "ares_ipv6.h"
 #include "ares_llist.h"
 
@@ -262,12 +260,8 @@ struct apattern {
   unsigned short type;
 };
 
-typedef struct rc4_key
-{
-  unsigned char state[256];
-  unsigned char x;
-  unsigned char y;
-} rc4_key;
+struct ares_rand_state;
+typedef struct ares_rand_state ares_rand_state;
 
 struct ares_channeldata {
   /* Configuration data */
@@ -302,8 +296,8 @@ struct ares_channeldata {
 
   /* ID to use for next query */
   unsigned short next_id;
-  /* key to use when generating new ids */
-  rc4_key id_key;
+  /* random state to use when generating new ids */
+  ares_rand_state *rand_state;
 
   /* Generation number to use for the next TCP socket open/close */
   int tcp_connection_generation;
@@ -362,7 +356,10 @@ void ares__close_sockets(ares_channel channel, struct server_state *server);
 int ares__get_hostent(FILE *fp, int family, struct hostent **host);
 int ares__read_line(FILE *fp, char **buf, size_t *bufsize);
 void ares__free_query(struct query *query);
-unsigned short ares__generate_new_id(rc4_key* key);
+
+ares_rand_state *ares__init_rand_state(void);
+void ares__destroy_rand_state(ares_rand_state *state);
+unsigned short ares__generate_new_id(ares_rand_state *state);
 struct timeval ares__tvnow(void);
 int ares__expand_name_validated(const unsigned char *encoded,
                                 const unsigned char *abuf,

src/lib/ares_query.c

@@ -33,32 +33,6 @@ struct qquery {
 
 static void qcallback(void *arg, int status, int timeouts, unsigned char *abuf, int alen);
 
-static void rc4(rc4_key* key, unsigned char *buffer_ptr, int buffer_len)
-{
-  unsigned char x;
-  unsigned char y;
-  unsigned char* state;
-  unsigned char xorIndex;
-  int counter;
-
-  x = key->x;
-  y = key->y;
-
-  state = &key->state[0];
-  for(counter = 0; counter < buffer_len; counter ++)
-  {
-    x = (unsigned char)((x + 1) % 256);
-    y = (unsigned char)((state[x] + y) % 256);
-    ARES_SWAP_BYTE(&state[x], &state[y]);
-
-    xorIndex = (unsigned char)((state[x] + state[y]) % 256);
-
-    buffer_ptr[counter] = (unsigned char)(buffer_ptr[counter]^state[xorIndex]);
-  }
-  key->x = x;
-  key->y = y;
-}
-
 static struct query* find_query_by_id(ares_channel channel, unsigned short id)
 {
   unsigned short qid;
@@ -78,7 +52,6 @@ static struct query* find_query_by_id(ares_channel channel, unsigned short id)
   return NULL;
 }
 
-
 /* a unique query id is generated using an rc4 key. Since the id may already
    be used by a running query (as infrequent as it may be), a lookup is
    performed per id generation. In practice this search should happen only
@@ -89,19 +62,12 @@ static unsigned short generate_unique_id(ares_channel channel)
   unsigned short id;
 
   do {
-    id = ares__generate_new_id(&channel->id_key);
+    id = ares__generate_new_id(channel->rand_state);
   } while (find_query_by_id(channel, id));
 
   return (unsigned short)id;
 }
 
-unsigned short ares__generate_new_id(rc4_key* key)
-{
-  unsigned short r=0;
-  rc4(key, (unsigned char *)&r, sizeof(r));
-  return r;
-}
-
 void ares_query(ares_channel channel, const char *name, int dnsclass,
                 int type, ares_callback callback, void *arg)
 {