7efe8bbfbf
Security Fixes: - CVE-2024-45339: Add O_EXCL flag to temp file creation in storage_write_entries() Prevents symlink attacks on predictable .tmp file paths - CVE-2025-47290: Use openat_nofollow() in storage_open() Closes TOCTOU race condition via path_sanitizer infrastructure - CVE-2025-0838: Add MAX_BATCH_SIZE=10000 to add_tasks() Prevents integer overflow in batch operations Research Trustworthiness (dataset_hash): - Deterministic file ordering: std::sort after collect_files() - Recursive directory traversal: depth-limited with cycle detection - Documented exclusions: hidden files and special files noted in API Bug Fixes: - R1: storage_init path validation for non-existent directories - R2: safe_strncpy return value check before strcat - R3: parallel_hash 256-file cap replaced with std::vector - R4: wire qi_compact_index/qi_rebuild_index stubs - R5: CompletionLatch race condition fix (hold mutex during decrement) - R6: ARMv8 SHA256 transform fix (save abcd_pre before vsha256hq_u32) - R7: fuzz_index_storage header format fix - R8: enforce null termination in add_tasks/update_tasks - R9: use 64 bytes (not 65) in combined hash to exclude null terminator - R10: status field persistence in save() New Tests: - test_recursive_dataset.cpp: Verify deterministic recursive hashing - test_storage_symlink_resistance.cpp: Verify CVE-2024-45339 fix - test_queue_index_batch_limit.cpp: Verify CVE-2025-0838 fix - test_sha256_arm_kat.cpp: ARMv8 known-answer tests - test_storage_init_new_dir.cpp: F1 verification - test_parallel_hash_large_dir.cpp: F3 verification - test_queue_index_compact.cpp: F4 verification All 8 native tests passing. Library ready for research lab deployment.
21 lines
738 B
C++
21 lines
738 B
C++
#pragma once
|
|
#include <cstddef>
|
|
#include <cstdint>
|
|
|
|
namespace fetchml::common {
|
|
|
|
// Secure memory comparison - constant time regardless of input
|
|
// Returns 0 if equal, non-zero if not equal
|
|
// Timing does not depend on content of data
|
|
int secure_memcmp(const void* a, const void* b, size_t len);
|
|
|
|
// Secure memory clear - prevents compiler from optimizing away
|
|
// Use this for clearing sensitive data like keys, passwords, etc.
|
|
void secure_memzero(void* ptr, size_t len);
|
|
|
|
// Safe strncpy - always null terminates, returns -1 on truncation
|
|
// dst_size must include space for null terminator
|
|
// Returns: 0 on success, -1 if truncation occurred
|
|
int safe_strncpy(char* dst, const char* src, size_t dst_size);
|
|
|
|
} // namespace fetchml::common
|