From 3cfaa4c1ff31627b4e1e3a6d15b8cdda92861103 Mon Sep 17 00:00:00 2001 From: Andras Fekete Date: Thu, 26 Jan 2023 12:32:48 -0500 Subject: [PATCH 1/4] Handle return value --- wolfcrypt/src/asn.c | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c index ed72dfd4a..3d180cd9f 100644 --- a/wolfcrypt/src/asn.c +++ b/wolfcrypt/src/asn.c @@ -15424,8 +15424,16 @@ static int ConfirmSignature(SignatureCtx* sigCtx, ERROR_OUT(MEMORY_E, exit_cs); } #endif - mp_init(r); - mp_init(s); + if((ret = mp_init(r)) != 0) { + WOLFSSL_MSG("Variable ('r') initialization error"); + WOLFSSL_ERROR_VERBOSE(ret); + goto exit_cs; + } + if((ret = mp_init(s)) != 0) { + WOLFSSL_MSG("Variable ('s') initialization error"); + WOLFSSL_ERROR_VERBOSE(ret); + goto exit_cs; + } idx = 0; if (DecodeECC_DSA_Sig(sig + idx, sigSz - idx, r, s) From eaeff1e7c25d2db676fa4b83e412d16ef14b9c4a Mon Sep 17 00:00:00 2001 From: Andras Fekete Date: Thu, 26 Jan 2023 12:33:14 -0500 Subject: [PATCH 2/4] Avoid "use after free" error --- wolfcrypt/src/asn.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c index 3d180cd9f..21d23d430 100644 --- a/wolfcrypt/src/asn.c +++ b/wolfcrypt/src/asn.c @@ -22001,6 +22001,8 @@ Signer* MakeSigner(void* heap) */ void FreeSigner(Signer* signer, void* heap) { + (void)signer; + (void)heap; XFREE(signer->name, heap, DYNAMIC_TYPE_SUBJECT_CN); XFREE((void*)signer->publicKey, heap, DYNAMIC_TYPE_PUBLIC_KEY); #ifndef IGNORE_NAME_CONSTRAINTS @@ -22013,8 +22015,6 @@ void FreeSigner(Signer* signer, void* heap) FreeDer(&signer->derCert); #endif XFREE(signer, heap, DYNAMIC_TYPE_SIGNER); - (void)signer; - (void)heap; } From 5b36d5235cce5c0b7085b4032b282c37cb265d37 Mon Sep 17 00:00:00 2001 From: Andras Fekete Date: Thu, 26 Jan 2023 15:56:00 -0500 Subject: [PATCH 3/4] Always check to make sure 'sigCheckBuf' is within range --- wolfcrypt/src/rsa.c | 4 ---- 1 file changed, 4 deletions(-) diff --git a/wolfcrypt/src/rsa.c b/wolfcrypt/src/rsa.c index e2e546e7d..5010cd33a 100644 --- a/wolfcrypt/src/rsa.c +++ b/wolfcrypt/src/rsa.c @@ -4035,7 +4035,6 @@ int wc_RsaPSS_CheckPadding_ex2(const byte* in, word32 inSz, byte* sig, } } -#ifdef WOLFSSL_PSS_LONG_SALT /* if long salt is larger then default maximum buffer then allocate a buffer */ if (ret == 0 && sizeof(sigCheckBuf) < (RSA_PSS_PAD_SZ + inSz + saltLen)) { sigCheck = (byte*)XMALLOC(RSA_PSS_PAD_SZ + inSz + saltLen, heap, @@ -4044,7 +4043,6 @@ int wc_RsaPSS_CheckPadding_ex2(const byte* in, word32 inSz, byte* sig, ret = MEMORY_E; } } -#endif /* Exp Hash = HASH(8 * 0x00 | Message Hash | Salt) */ if (ret == 0) { @@ -4061,11 +4059,9 @@ int wc_RsaPSS_CheckPadding_ex2(const byte* in, word32 inSz, byte* sig, } } -#ifdef WOLFSSL_PSS_LONG_SALT if (sigCheck != NULL && sigCheck != sigCheckBuf) { XFREE(sigCheck, heap, DYNAMIC_TYPE_RSA_BUFFER); } -#endif (void)heap; /* unused if memory is disabled */ return ret; From 767c282c1dd1ce15a1e04194121a1b29d3bc9485 Mon Sep 17 00:00:00 2001 From: Andras Fekete Date: Wed, 8 Feb 2023 16:35:03 -0500 Subject: [PATCH 4/4] Addressing PR comments --- wolfcrypt/src/asn.c | 9 +-------- wolfcrypt/src/rsa.c | 8 ++++++++ 2 files changed, 9 insertions(+), 8 deletions(-) diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c index 21d23d430..f5a32d2b0 100644 --- a/wolfcrypt/src/asn.c +++ b/wolfcrypt/src/asn.c @@ -15424,14 +15424,7 @@ static int ConfirmSignature(SignatureCtx* sigCtx, ERROR_OUT(MEMORY_E, exit_cs); } #endif - if((ret = mp_init(r)) != 0) { - WOLFSSL_MSG("Variable ('r') initialization error"); - WOLFSSL_ERROR_VERBOSE(ret); - goto exit_cs; - } - if((ret = mp_init(s)) != 0) { - WOLFSSL_MSG("Variable ('s') initialization error"); - WOLFSSL_ERROR_VERBOSE(ret); + if ((ret = mp_init_multi(r, s, NULL, NULL, NULL, NULL)) != MP_OKAY) { goto exit_cs; } diff --git a/wolfcrypt/src/rsa.c b/wolfcrypt/src/rsa.c index 5010cd33a..88204b395 100644 --- a/wolfcrypt/src/rsa.c +++ b/wolfcrypt/src/rsa.c @@ -4035,6 +4035,7 @@ int wc_RsaPSS_CheckPadding_ex2(const byte* in, word32 inSz, byte* sig, } } +#ifdef WOLFSSL_PSS_LONG_SALT /* if long salt is larger then default maximum buffer then allocate a buffer */ if (ret == 0 && sizeof(sigCheckBuf) < (RSA_PSS_PAD_SZ + inSz + saltLen)) { sigCheck = (byte*)XMALLOC(RSA_PSS_PAD_SZ + inSz + saltLen, heap, @@ -4043,6 +4044,11 @@ int wc_RsaPSS_CheckPadding_ex2(const byte* in, word32 inSz, byte* sig, ret = MEMORY_E; } } +#else + if (ret == 0 && sizeof(sigCheckBuf) < (RSA_PSS_PAD_SZ + inSz + saltLen)) { + ret = BUFFER_E; + } +#endif /* Exp Hash = HASH(8 * 0x00 | Message Hash | Salt) */ if (ret == 0) { @@ -4059,9 +4065,11 @@ int wc_RsaPSS_CheckPadding_ex2(const byte* in, word32 inSz, byte* sig, } } +#ifdef WOLFSSL_PSS_LONG_SALT if (sigCheck != NULL && sigCheck != sigCheckBuf) { XFREE(sigCheck, heap, DYNAMIC_TYPE_RSA_BUFFER); } +#endif (void)heap; /* unused if memory is disabled */ return ret;