I reviewed libmd 1.0.3-3build1 as checked into hirsute. This shouldn't be considered a full audit but rather a quick gauge of maintainability.
libmd is a small library of message digest aka hash functions.

- No CVE history.
- No non-essential build-depends.
- No pre/post inst/rm scripts, only a trigger to run ldconfig due to it being a shared library.
- No init scripts.
- No systemd units.
- No dbus services?
- No setuid binaries.
- No binaries in PATH.
- No sudo fragments.
- No polkit files.
- No udev rules.
- There are simple unit tests for each of the hashing algorithms that are run as part of the build. One limitation of the tests is that all the testcases hash trivially small amounts of data, so multiple block computations are not exercised, nor are any of the file hashing interfaces. Upstream has added gitlab ci integration support after the 1.0.3 release.
- No cron jobs.
- Build logs are clean, with the exception that the unit test compilations throw a bunch of signedness mismatch warnings (const char * versus const unsigned char *). These look to have been fixed upstream in https://git.hadrons.org/cgit/libmd.git/commit/?id=e50a6db8ec1425e8354ece5ce45ac6cb2d2dcb3b
- No processes spawned.
- Memory management is par for the course for crypto/hashing algorithms. Return values for malloc() are checked, but lots of memory operations rely on the correctness of computed sizes.
- The only file IO is opening a file or file chunks in read-only mode to compute the message digest of its contents. Paths are assumed to have been sanitized by the calling application. No interpretation of the contents is performed.
- No logging appears to be performed.
- No environment variable usage present.
- No use of privileged functions.
- No use of outside cryptography / random number sources etc. As a hashing library it implements several algorithms itself.
- No use of temp files.
- No use of networking.
- No use of WebKit.
- No use of PolicyKit.
- No cppcheck or Coverity issues found.
There is a bunch of duplicated code in the helper functions around file handling that only differs in the specific message digest algorithm used. This means that fixes for bugs/flaws in that portion of the code will need to be applied to all of them, rather than just once in an abstracted set of functions.

Security team ACK for promoting libmd to main.

** Changed in: libmd (Ubuntu)
     Assignee: Ubuntu Security Team (ubuntu-security) => (unassigned)

** Changed in: libmd (Ubuntu)
       Status: New => In Progress

-- 
You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1915009

Title:
  [MIR] libmd (dependency of libbsd)

-- 
ubuntu-bugs mailing list
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
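The review above notes that libmd's 1.0.3 unit tests only hash trivially small inputs, so neither multi-block computation nor the file hashing interfaces are exercised. The following is an added example (not part of the bug report and not libmd's own test code) of the consistency checks such a suite would want: published one-shot vectors, every input length up to a few blocks with the incremental path split at every offset, and a file-based digest compared with the in-memory one. Python's hashlib is used as a stand-in for libmd's Init/Update/Final, Data and File/FileChunk calls; that mapping, the block sizes, and the function names here are assumptions, since libmd is a C library that this script does not link against.

```python
"""Digest-consistency checks of the kind the reviewed libmd 1.0.3 tests lack.

hashlib stands in for a libmd-style API (assumption): update()/hexdigest()
play the role of Update()/Final(), and reading a file in pieces plays the
role of the File()/FileChunk() helpers.  All inputs are constructed here.
"""
import hashlib
import os
import tempfile

# Published test vectors (RFC 1321, RFC 3174, FIPS 180-2) for the one-shot path.
KNOWN_VECTORS = {
    ("md5", b""): "d41d8cd98f00b204e9800998ecf8427e",
    ("md5", b"abc"): "900150983cd24fb0d6963f7d28e17f72",
    ("sha1", b"abc"): "a9993e364706816aba3e25717850c26c9cd0d89d",
    ("sha256", b""): "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",
    ("sha256", b"abc"): "ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad",
    # 56 bytes: the length padding spills into a second 64-byte block, which "abc" never does.
    ("sha256", b"abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"):
        "248d6a61d20638b8e5c026930c3e6039a33ce45964ff2167f6ecedd419db06c1",
}


def one_shot(algo, data):
    """Data()-style interface: whole message in one call."""
    return hashlib.new(algo, data).hexdigest()


def incremental(algo, data, cuts):
    """Init/Update/Final-style interface: feed `data` in pieces split at `cuts`."""
    h = hashlib.new(algo)
    prev = 0
    for c in list(cuts) + [len(data)]:
        h.update(data[prev:c])   # empty updates are allowed and must be harmless
        prev = c
    return h.hexdigest()


def check_known_vectors():
    """True if every published vector matches the one-shot path."""
    return all(one_shot(*k) == v for k, v in KNOWN_VECTORS.items())


def check_block_boundaries(algo, block_size):
    """Compare incremental against one-shot for every length up to three blocks,
    with a single split at every offset plus a many-tiny-updates variant.
    Covers len % block in {55, 56, 63, 0} (padding edge cases) and the carry of
    a partial block between Update() calls.  Returns None on success, else the
    first failing (length, split)."""
    max_len = 3 * block_size + 8
    data = (bytes(range(256)) * (max_len // 256 + 1))[:max_len]   # constructed input
    for length in range(max_len + 1):
        msg = data[:length]
        expected = one_shot(algo, msg)
        for split in range(length + 1):
            if incremental(algo, msg, [split]) != expected:
                return (length, split)
        if incremental(algo, msg, range(1, length, 5)) != expected:
            return (length, "tiny")
    return None


def check_file_path(algo, data, off=100, length=1000):
    """Write `data` to a temporary file and check (a) hashing the whole file
    with an odd read size equals the in-memory digest, and (b) hashing the
    window [off, off+length) of the file (FileChunk-style) equals hashing the
    same slice of the buffer."""
    expected = one_shot(algo, data)
    with tempfile.NamedTemporaryFile(delete=False) as f:
        f.write(data)
        path = f.name
    try:
        h = hashlib.new(algo)
        with open(path, "rb") as fh:
            for piece in iter(lambda: fh.read(4096 + 13), b""):   # not block aligned
                h.update(piece)
        whole_ok = h.hexdigest() == expected
        with open(path, "rb") as fh:
            fh.seek(off)
            window = fh.read(length)
        chunk_ok = one_shot(algo, window) == one_shot(algo, data[off:off + length])
        return whole_ok and chunk_ok
    finally:
        os.unlink(path)


def run_all():
    """Map of check name -> passed, for the algorithms libmd-style libraries ship."""
    results = {"vectors": check_known_vectors()}
    for algo, bs in (("md5", 64), ("sha1", 64), ("sha256", 64), ("sha512", 128)):
        results[algo] = check_block_boundaries(algo, bs) is None
    results["file"] = check_file_path("sha256", bytes(range(256)) * 100)   # ~25 KiB, many blocks
    return results


if __name__ == "__main__":
    for name, ok in run_all().items():
        print(f"{name}: {'ok' if ok else 'FAIL'}")
```

Ported to C against libmd's headers, the same loop over lengths and split offsets is what catches the class of bug the small fixed vectors in 1.0.3 cannot: a wrong carry of a partial block between Update calls, or an off-by-one in the final padding, is invisible when every test input fits in a single block.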
