tum-i4 / sip-oblivious-hashing


[CLOSED] SROH should not include extracted function calls in short range functions. #85

Open mr-ma opened 6 years ago

mr-ma commented 6 years ago

Issue by anahitH Tuesday May 29, 2018 at 18:57 GMT Originally opened as https://github.com/tum-i22/sip-oblivious-hashing/issues/85


Extracted functions (functions generated by the -extract-functions transformation pass) contain data dependent instructions/blocks. If a call to an extracted function is included in a short range path function, this may lead to binary patching problems. Consider an example where an extracted function has a call to the scanf function (i.e. requests an external input). If this function is called from a short range path function, the execution during the patching will hang until an input is provided.

mr-ma commented 6 years ago

Comment by anahitH Wednesday May 30, 2018 at 10:48 GMT


SROH should skip not only calls to extracted functions, but all calls. Otherwise precomputed values for global hashes may differ from the values computed during the real run (run of the patched binary). This can happen when a function is called from a short range path function where a hash to a global hash variable is done.

mr-ma commented 6 years ago

Comment by anahitH Wednesday May 30, 2018 at 15:12 GMT


Revert the part skipping call sites other than calls to extracted functions. Issues #87 and #86 should solve the problem this change was addressing.

mr-ma commented 6 years ago

Comment by anahitH Sunday Jun 03, 2018 at 22:21 GMT


SROH skips extracted function calls and calls to input independent functions.