curl-library
[patch] Fix inconsistency between curl_write_callback and tool_header_cb/tool_write_cb
Date: Tue, 28 Mar 2017 11:15:50 +0200
Hi,
I tried building curl with clang's control-flow integrity feature [1].
CFI is a "next generation" exploit mitigation technology.
Trying to do a simple test (curl [any http url]), an error was shown
during an indirect function call of a callback defined by
curl_write_callback.
curl_write_callback is defined in curl.h:
typedef size_t (*curl_write_callback)(char *buffer,
                                      size_t size,
                                      size_t nitems,
                                      void *outstream);
When doing a simple http request the code will use two different
functions for that callback: tool_header_cb and tool_write_cb. The
issue is identical for both, so I'll only describe tool_write_cb.
It's defined in tool_cb_wrt.{c,h} like this:
size_t tool_write_cb(void *buffer, size_t sz, size_t nmemb,
                     void *userdata)
As you can see the callback definition uses a char* for the first
argument, while the function uses a void*. That's what CFI complains
about.
I see no harm in changing the function definitions to char*, so I
propose changing that to make curl usable with CFI. See attached patch.
(When running the curl test suite many more errors of similar nature
show up, I think they all can be fixed with similar easy patches.
However I admit this stuff is all pretty new for me, so I wanted to
first check whether this first patch gets accepted and doesn't cause
any problems. Looks benign enough though.)
[1] https://clang.llvm.org/docs/ControlFlowIntegrity.html
-- 
Hanno Böck
https://hboeck.de/

mail/jabber: hanno_at_hboeck.de
GPG: FE73757FA60E4E21B937579FA5880072BBB51E42
- text/x-patch attachment: curl-7.53.1-fix-cfi-indirect-function-calls.patch
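
The mismatch described in the message, as an added example that is not part of the original post or of curl's code: a C11 compile-time check that a function has exactly the callback's type, with the void * and char * signatures side by side. The names cb_void, cb_char, deliver, struct sink and MATCHES_WRITE_CB are hypothetical; only the typedef is taken from the message.

```c
#include <stddef.h>
#include <string.h>

/* Callback type as quoted in the message (from curl.h). */
typedef size_t (*curl_write_callback)(char *buffer, size_t size,
                                      size_t nitems, void *outstream);

/* 1 if fn has exactly the callback's type, else 0 (C11 _Generic). */
#define MATCHES_WRITE_CB(fn) \
  _Generic(&(fn), curl_write_callback: 1, default: 0)

struct sink { char data[64]; size_t len; };   /* hypothetical receiver */

/* "Before" shape from the message: first parameter is void *. */
static size_t cb_void(void *buffer, size_t sz, size_t nmemb, void *userdata)
{
  struct sink *s = userdata;
  size_t n = sz * nmemb;
  if(n > sizeof(s->data) - s->len)
    return 0;                       /* refuse rather than overflow */
  memcpy(s->data + s->len, buffer, n);
  s->len += n;
  return n;
}

/* "After" shape: identical to the typedef, so an indirect call type-checks. */
static size_t cb_char(char *buffer, size_t sz, size_t nmemb, void *userdata)
{
  return cb_void(buffer, sz, nmemb, userdata);  /* direct call, no cast */
}

/* Indirect call site, standing in for the code that invokes the callback. */
static size_t deliver(curl_write_callback cb, const char *msg, void *out)
{
  char tmp[64];
  size_t n = strlen(msg);
  if(n > sizeof(tmp))
    return 0;
  memcpy(tmp, msg, n);
  return cb(tmp, 1, n, out);
}

int main(void)
{
  struct sink s = { {0}, 0 };
  if(!MATCHES_WRITE_CB(cb_char) || MATCHES_WRITE_CB(cb_void))
    return 1;                       /* only the char * variant may register */
  return deliver(cb_char, "hello", &s) == 5 ? 0 : 1;
}
```

Passing cb_void to deliver would need a function-pointer cast, which is the call shape clang's -fsanitize=cfi-icall rejects at run time; the macro surfaces the same mismatch at compile time.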