From 45aa3adb96ed68f833019decb01692d3a244874f Mon Sep 17 00:00:00 2001
From: Frank Denis <github@pureftpd.org>
Date: Tue, 12 Sep 2023 19:07:25 +0200
Subject: [PATCH] Handle SIGPROT, CHERI's in-address space security exception

---
 m4/ax_check_catchable_segv.m4 | 3 +++
 src/libsodium/sodium/utils.c  | 5 ++++-
 test/default/sodium_utils2.c  | 6 ++++++
 test/default/sodium_utils3.c  | 6 ++++++
 4 files changed, 19 insertions(+), 1 deletion(-)

diff --git a/m4/ax_check_catchable_segv.m4 b/m4/ax_check_catchable_segv.m4
index d1f36d9e..fb0579e0 100644
--- a/m4/ax_check_catchable_segv.m4
+++ b/m4/ax_check_catchable_segv.m4
@@ -21,6 +21,9 @@ static void sig(int _) { exit(0); }
 volatile unsigned char * volatile x = (volatile unsigned char *) malloc(8);
 size_t i;
 
+#ifdef SIGPROT
+signal(SIGPROT, sig);
+#endif
 signal(SIGSEGV, sig);
 signal(SIGBUS, sig);
 #if !defined(__SANITIZE_ADDRESS__) && !defined(__EMSCRIPTEN__)
diff --git a/src/libsodium/sodium/utils.c b/src/libsodium/sodium/utils.c
index 5651ddb4..055c1a5f 100644
--- a/src/libsodium/sodium/utils.c
+++ b/src/libsodium/sodium/utils.c
@@ -82,6 +82,7 @@ void *alloca (size_t);
     defined(HAVE_POSIX_MEMALIGN)
 # define HAVE_ALIGNED_MALLOC
 #endif
+
 #if defined(HAVE_MPROTECT) && \
     !(defined(PROT_NONE) && defined(PROT_READ) && defined(PROT_WRITE))
 # undef HAVE_MPROTECT
@@ -510,7 +511,9 @@ __attribute__((noreturn)) static void
 _out_of_bounds(void)
 {
 # if defined(HAVE_RAISE) && !defined(__wasm__)
-#  ifdef SIGSEGV
+#  ifdef SIGPROT
+    raise(SIGPROT);
+#  elif defined(SIGSEGV)
     raise(SIGSEGV);
 #  elif defined(SIGKILL)
     raise(SIGKILL);
diff --git a/test/default/sodium_utils2.c b/test/default/sodium_utils2.c
index 4f8451c5..36a6de87 100644
--- a/test/default/sodium_utils2.c
+++ b/test/default/sodium_utils2.c
@@ -29,6 +29,9 @@ segv_handler(int sig)
     printf("Intentional segfault / bus error caught\n");
     printf("OK\n");
 #ifdef SIG_DFL
+# ifdef SIGPROT
+    signal(SIGPROT, SIG_DFL);
+# endif
 # ifdef SIGSEGV
     signal(SIGSEGV, SIG_DFL);
 # endif
@@ -82,6 +85,9 @@ main(void)
     }
     printf("OK\n");
 #ifdef SIG_DFL
+# ifdef SIGPROT
+    signal(SIGPROT, segv_handler);
+# endif
 # ifdef SIGSEGV
     signal(SIGSEGV, segv_handler);
 # endif
diff --git a/test/default/sodium_utils3.c b/test/default/sodium_utils3.c
index 1a110e2e..4593069b 100644
--- a/test/default/sodium_utils3.c
+++ b/test/default/sodium_utils3.c
@@ -25,6 +25,9 @@ segv_handler(int sig)
     printf("Intentional segfault / bus error caught\n");
     printf("OK\n");
 #ifdef SIG_DFL
+# ifdef SIGPROT
+    signal(SIGPROT, SIG_DFL);
+# endif
 # ifdef SIGSEGV
     signal(SIGSEGV, SIG_DFL);
 # endif
@@ -49,6 +52,9 @@ main(void)
 #endif
 
 #ifdef SIG_DFL
+# ifdef SIGPROT
+    signal(SIGPROT, segv_handler);
+# endif
 # ifdef SIGSEGV
     signal(SIGSEGV, segv_handler);
 # endif