Closed GoogleCodeExporter closed 8 years ago
It would be better to implement the SHA digest within Perl, rather than rely on
an external executable that may or may not be there.
http://search.cpan.org/~mshelor/Digest-SHA-5.73/lib/Digest/SHA.pm
Original comment by amoun...@students.poly.edu
on 22 Nov 2012 at 2:06
This is actually rather serious, since you could have the phony sha256sum
script output arbitrary C code that will be written into your checksum script
which will then be executed by ae.
#!/bin/sh
echo "I am the evil sha256sum.\"); system(\"cat /etc/passwd\"); printf(\""
# EOF
Ends up generating the following C code...
snprintf(strs[0], 512, "I am the evil sha256sum."); system("cat /etc/passwd");
printf("\n");
Original comment by amoun...@students.poly.edu
on 22 Nov 2012 at 2:33
This is invalid. The reason is that AllEyes design calls
For none C language monitor, we use the method of checking the SHA256 checksum
during run-time to ensure that the monitor is a valid monitor. To accomplish
this, we do the following steps:
1. There is a small C program that is used to link with the 'ae' daemon to launch the none C language monitor during run-time
2. Before the compilation of the ae daemon and monitor code, including the small C program, we call sha256check.pl, which calls the system command shar256, to calculate the SHA256 checksum of the none C language monitor code. This checksum value is embedded into the small C program for compilation (hence the generated file *_sum.c) of the ae daemon. That is why you should only see the file sha256check.pl is used in the Makefile of a monitor
3. After the compilation, the 'ae' daemon process should include the checksum value of the monitor from step 2 above
4. During run-time, when 'ae' daemon process starts the monitor, it first re-calculates the the SH256 checksum of the monitor, then, compares the checksum value with the embedded value to make sure they are the same. Please note that the file sha256check.pl is not part of the release package and is not installed or called anywhere on a production system.
5. For the none C language monitor, the monitor source code does not include anything that should relate to how the checksum is calculated. All checksum work is done prior to the compilation of the ae daemon or during run-time by the ae daemon itself.
Mark the bug as invalid.
Original comment by toddd...@gmail.com
on 25 Nov 2012 at 8:27
Original issue reported on code.google.com by
amoun...@students.poly.edu
on 22 Nov 2012 at 1:26