commit e8e8ad8d19ce1bed8200c2e5bc0c2cb9945a8b87
author Vlad Tsyrklevich <vtsyrklevich@chromium.org> Thu Dec 07 02:38:22 2017
committer Commit Bot <commit-bot@chromium.org> Tue Dec 12 09:27:07 2017
tree ae657f704f37871265b5a8cd4293427fbd38cf40
parent 2e27d1cf5e77eab094368dd101ee182270a3687b

[CFI] Fix cfi-icall failures

Control Flow Integrity [1] indirect call checking verifies that function
pointers only call valid functions with a matching type signature.
webrtc casts the function pointers for external_hmac causing a cfi-icall
failure when they are later called in libsrtp. Refactor the functions to
match the correct type signatures to avoid this failure.

[1] https://www.chromium.org/developers/testing/control-flow-integrity

Bug: chromium:776905
Change-Id: I419028be02e6c151c497e3ec64f10f35e07cdb0f
Reviewed-on: https://webrtc-review.googlesource.com/26721
Commit-Queue: Karl Wiberg <kwiberg@webrtc.org>
Reviewed-by: Karl Wiberg <kwiberg@webrtc.org>
Cr-Commit-Position: refs/heads/master@{#21220}

pc/externalhmac.cc

diff --git a/pc/externalhmac.cc b/pc/externalhmac.cc
index 348b33b..0e82fff 100644
--- a/pc/externalhmac.cc
+++ b/pc/externalhmac.cc
@@ -51,10 +51,10 @@
 static const srtp_auth_type_t external_hmac  = {
   external_hmac_alloc,
   external_hmac_dealloc,
-  (srtp_auth_init_func)    external_hmac_init,
-  (srtp_auth_compute_func) external_hmac_compute,
-  (srtp_auth_update_func)  external_hmac_update,
-  (srtp_auth_start_func)   external_hmac_start,
+  external_hmac_init,
+  external_hmac_compute,
+  external_hmac_update,
+  external_hmac_start,
   const_cast<char*>(kExternalHmacDescription),
   const_cast<srtp_auth_test_case_t*>(&kExternalHmacTestCase0),
   EXTERNAL_HMAC_SHA1
@@ -104,33 +104,34 @@
   return srtp_err_status_ok;
 }
 
-srtp_err_status_t external_hmac_init(ExternalHmacContext* state,
+srtp_err_status_t external_hmac_init(void* state,
                                      const uint8_t* key,
                                      int key_len) {
   if (key_len > HMAC_KEY_LENGTH)
     return srtp_err_status_bad_param;
 
-  memset(state->key, 0, key_len);
-  memcpy(state->key, key, key_len);
-  state->key_length = key_len;
+  ExternalHmacContext* context = static_cast<ExternalHmacContext*>(state);
+  memset(context->key, 0, key_len);
+  memcpy(context->key, key, key_len);
+  context->key_length = key_len;
   return srtp_err_status_ok;
 }
 
-srtp_err_status_t external_hmac_start(ExternalHmacContext* state) {
+srtp_err_status_t external_hmac_start(void* /*state*/) {
   return srtp_err_status_ok;
 }
 
-srtp_err_status_t external_hmac_update(ExternalHmacContext* state,
-                                       const uint8_t* message,
-                                       int msg_octets) {
+srtp_err_status_t external_hmac_update(void* /*state*/,
+                                       const uint8_t* /*message*/,
+                                       int /*msg_octets*/) {
   return srtp_err_status_ok;
 }
 
-srtp_err_status_t external_hmac_compute(ExternalHmacContext* state,
-                                       const void* message,
-                                       int msg_octets,
-                                       int tag_len,
-                                       uint8_t* result) {
+srtp_err_status_t external_hmac_compute(void* /*state*/,
+                                        const uint8_t* /*message*/,
+                                        int /*msg_octets*/,
+                                        int tag_len,
+                                        uint8_t* result) {
   memcpy(result, kExternalHmacFakeTag, tag_len);
   return srtp_err_status_ok;
 }