From 2231f4c3038aefc1f77cf456b188b53fb6da4a13 Mon Sep 17 00:00:00 2001 From: Colin Watson Date: Tue, 20 May 2008 19:59:07 +0000 Subject: Generate two keys with the PID forced to the same value and test that they differ, to defend against recurrences of the recent Debian OpenSSL vulnerability. --- debian/tests/getpid.c | 39 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 39 insertions(+) create mode 100644 debian/tests/getpid.c (limited to 'debian/tests/getpid.c') diff --git a/debian/tests/getpid.c b/debian/tests/getpid.c new file mode 100644 index 000000000..c9e35b87e --- /dev/null +++ b/debian/tests/getpid.c @@ -0,0 +1,39 @@ +/* + * Compile: + +gcc -fPIC -c getpid.c -o getpid.o +gcc -shared -o getpid.so getpid.o + + * Use: + +FORCE_PID=1234 LD_PRELOAD=./getpid.so bash + +# +# Copyright (C) 2001-2008 Kees Cook +# kees@outflux.net, http://outflux.net/ +# +# This program is free software; you can redistribute it and/or +# modify it under the terms of the GNU General Public License +# as published by the Free Software Foundation; either version 2 +# of the License, or (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. +# http://www.gnu.org/copyleft/gpl.html + +*/ + +#include +#include +#include + +pid_t getpid(void) +{ + return atoi(getenv("FORCE_PID")); +} -- cgit v1.2.3