mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2025-08-01 03:34:39 +02:00
Experimental fixes for async to resolve runtime fsanitize issues with invalid memory access due to attempting realloc on non NUMA type. Tested with ./configure --with-intelqa=../QAT1.6 --enable-asynccrypt CC="clang -fsanitize=address" --enable-debug --disable-shared --enable-trackmemory CFLAGS="-DWOLFSSL_DEBUG_MEMORY -DWOLFSSL_DEBUG_MEMORY_PRINT" && make and sudo ./tests/unit.test.
This commit is contained in:
David Garske
@@ -13286,7 +13286,7 @@ typedef struct BuildMsgArgs {
|
||||
word32 headerSz;
|
||||
word16 size;
|
||||
word32 ivSz; /* TLSv1.1 IV */
|
||||
byte iv[AES_BLOCK_SIZE]; /* max size */
|
||||
byte* iv;
|
||||
} BuildMsgArgs;
|
||||
|
||||
static void FreeBuildMsgArgs(WOLFSSL* ssl, void* pArgs)
|
||||
@@ -13296,7 +13296,10 @@ static void FreeBuildMsgArgs(WOLFSSL* ssl, void* pArgs)
|
||||
(void)ssl;
|
||||
(void)args;
|
||||
|
||||
/* no allocations in BuildMessage */
|
||||
if (args->iv) {
|
||||
XFREE(args->iv, ssl->heap, DYNAMIC_TYPE_SALT);
|
||||
args->iv = NULL;
|
||||
}
|
||||
}
|
||||
#endif
|
||||
|
||||
@@ -13400,7 +13403,7 @@ int BuildMessage(WOLFSSL* ssl, byte* output, int outSz, const byte* input,
|
||||
args->ivSz = blockSz;
|
||||
args->sz += args->ivSz;
|
||||
|
||||
if (args->ivSz > (word32)sizeof(args->iv))
|
||||
if (args->ivSz > AES_BLOCK_SIZE)
|
||||
ERROR_OUT(BUFFER_E, exit_buildmsg);
|
||||
}
|
||||
args->sz += 1; /* pad byte */
|
||||
@@ -13431,6 +13434,10 @@ int BuildMessage(WOLFSSL* ssl, byte* output, int outSz, const byte* input,
|
||||
}
|
||||
|
||||
if (args->ivSz > 0) {
|
||||
args->iv = (byte*)XMALLOC(args->ivSz, ssl->heap, DYNAMIC_TYPE_SALT);
|
||||
if (args->iv == NULL)
|
||||
ERROR_OUT(MEMORY_E, exit_buildmsg);
|
||||
|
||||
ret = wc_RNG_GenerateBlock(ssl->rng, args->iv, args->ivSz);
|
||||
if (ret != 0)
|
||||
goto exit_buildmsg;
|
||||
|
||||
38
src/tls.c
38
src/tls.c
@@ -260,16 +260,15 @@ static int doPRF(byte* digest, word32 digLen, const byte* secret,word32 secLen,
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
byte* md5_half;
|
||||
byte* sha_half;
|
||||
byte* labelSeed;
|
||||
byte* md5_result;
|
||||
byte* sha_result;
|
||||
#else
|
||||
byte md5_half[MAX_PRF_HALF]; /* half is real size */
|
||||
byte sha_half[MAX_PRF_HALF]; /* half is real size */
|
||||
byte labelSeed[MAX_PRF_LABSEED]; /* labLen + seedLen is real size */
|
||||
byte md5_result[MAX_PRF_DIG]; /* digLen is real size */
|
||||
byte sha_result[MAX_PRF_DIG]; /* digLen is real size */
|
||||
#endif
|
||||
DECLARE_VAR(labelSeed, byte, MAX_PRF_LABSEED, heap);
|
||||
|
||||
if (half > MAX_PRF_HALF)
|
||||
return BUFFER_E;
|
||||
@@ -281,17 +280,16 @@ static int doPRF(byte* digest, word32 digLen, const byte* secret,word32 secLen,
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
md5_half = (byte*)XMALLOC(MAX_PRF_HALF, heap, DYNAMIC_TYPE_DIGEST);
|
||||
sha_half = (byte*)XMALLOC(MAX_PRF_HALF, heap, DYNAMIC_TYPE_DIGEST);
|
||||
labelSeed = (byte*)XMALLOC(MAX_PRF_LABSEED, heap, DYNAMIC_TYPE_SEED);
|
||||
md5_result = (byte*)XMALLOC(MAX_PRF_DIG, heap, DYNAMIC_TYPE_DIGEST);
|
||||
sha_result = (byte*)XMALLOC(MAX_PRF_DIG, heap, DYNAMIC_TYPE_DIGEST);
|
||||
|
||||
if (md5_half == NULL || sha_half == NULL || labelSeed == NULL ||
|
||||
md5_result == NULL || sha_result == NULL) {
|
||||
if (md5_half == NULL || sha_half == NULL || md5_result == NULL ||
|
||||
sha_result == NULL) {
|
||||
if (md5_half) XFREE(md5_half, heap, DYNAMIC_TYPE_DIGEST);
|
||||
if (sha_half) XFREE(sha_half, heap, DYNAMIC_TYPE_DIGEST);
|
||||
if (labelSeed) XFREE(labelSeed, heap, DYNAMIC_TYPE_SEED);
|
||||
if (md5_result) XFREE(md5_result, heap, DYNAMIC_TYPE_DIGEST);
|
||||
if (sha_result) XFREE(sha_result, heap, DYNAMIC_TYPE_DIGEST);
|
||||
FREE_VAR(labelSeed, heap);
|
||||
|
||||
return MEMORY_E;
|
||||
}
|
||||
@@ -317,11 +315,12 @@ static int doPRF(byte* digest, word32 digLen, const byte* secret,word32 secLen,
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
XFREE(md5_half, heap, DYNAMIC_TYPE_DIGEST);
|
||||
XFREE(sha_half, heap, DYNAMIC_TYPE_DIGEST);
|
||||
XFREE(labelSeed, heap, DYNAMIC_TYPE_SEED);
|
||||
XFREE(md5_result, heap, DYNAMIC_TYPE_DIGEST);
|
||||
XFREE(sha_result, heap, DYNAMIC_TYPE_DIGEST);
|
||||
#endif
|
||||
|
||||
FREE_VAR(labelSeed, heap);
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
@@ -339,21 +338,11 @@ static int PRF(byte* digest, word32 digLen, const byte* secret, word32 secLen,
|
||||
int ret = 0;
|
||||
|
||||
if (useAtLeastSha256) {
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
byte* labelSeed;
|
||||
#else
|
||||
byte labelSeed[MAX_PRF_LABSEED]; /* labLen + seedLen is real size */
|
||||
#endif
|
||||
DECLARE_VAR(labelSeed, byte, MAX_PRF_LABSEED, heap);
|
||||
|
||||
if (labLen + seedLen > MAX_PRF_LABSEED)
|
||||
return BUFFER_E;
|
||||
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
labelSeed = (byte*)XMALLOC(MAX_PRF_LABSEED, heap, DYNAMIC_TYPE_SEED);
|
||||
if (labelSeed == NULL)
|
||||
return MEMORY_E;
|
||||
#endif
|
||||
|
||||
XMEMCPY(labelSeed, label, labLen);
|
||||
XMEMCPY(labelSeed + labLen, seed, seedLen);
|
||||
|
||||
@@ -364,9 +353,7 @@ static int PRF(byte* digest, word32 digLen, const byte* secret, word32 secLen,
|
||||
ret = p_hash(digest, digLen, secret, secLen, labelSeed,
|
||||
labLen + seedLen, hash_type, heap, devId);
|
||||
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
XFREE(labelSeed, heap, DYNAMIC_TYPE_SEED);
|
||||
#endif
|
||||
FREE_VAR(labelSeed, heap);
|
||||
}
|
||||
#ifndef NO_OLD_TLS
|
||||
else {
|
||||
@@ -528,13 +515,18 @@ static int _DeriveTlsKeys(byte* key_dig, word32 key_dig_len,
|
||||
int tls1_2, int hash_type,
|
||||
void* heap, int devId)
|
||||
{
|
||||
byte seed[SEED_LEN];
|
||||
int ret;
|
||||
DECLARE_VAR(seed, byte, SEED_LEN, heap);
|
||||
|
||||
XMEMCPY(seed, sr, RAN_LEN);
|
||||
XMEMCPY(seed + RAN_LEN, cr, RAN_LEN);
|
||||
|
||||
return PRF(key_dig, key_dig_len, ms, msLen, key_label, KEY_LABEL_SZ,
|
||||
ret = PRF(key_dig, key_dig_len, ms, msLen, key_label, KEY_LABEL_SZ,
|
||||
seed, SEED_LEN, tls1_2, hash_type, heap, devId);
|
||||
|
||||
FREE_VAR(seed, heap);
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
/* External facing wrapper so user can call as well, 0 on success */
|
||||
|
||||
@@ -3116,17 +3116,7 @@ int wc_ecc_point_is_at_infinity(ecc_point* p)
|
||||
static int wc_ecc_gen_k(WC_RNG* rng, int size, mp_int* k, mp_int* order)
|
||||
{
|
||||
int err;
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
byte* buf;
|
||||
#else
|
||||
byte buf[ECC_MAXSIZE_GEN];
|
||||
#endif
|
||||
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
buf = (byte*)XMALLOC(ECC_MAXSIZE_GEN, NULL, DYNAMIC_TYPE_ECC_BUFFER);
|
||||
if (buf == NULL)
|
||||
return MEMORY_E;
|
||||
#endif
|
||||
DECLARE_VAR(buf, byte, ECC_MAXSIZE_GEN, rng->heap);
|
||||
|
||||
/*generate 8 extra bytes to mitigate bias from the modulo operation below*/
|
||||
/*see section A.1.2 in 'Suite B Implementor's Guide to FIPS 186-3 (ECDSA)'*/
|
||||
@@ -3153,9 +3143,7 @@ static int wc_ecc_gen_k(WC_RNG* rng, int size, mp_int* k, mp_int* order)
|
||||
}
|
||||
|
||||
ForceZero(buf, ECC_MAXSIZE);
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
XFREE(buf, NULL, DYNAMIC_TYPE_ECC_BUFFER);
|
||||
#endif
|
||||
FREE_VAR(buf, rng->heap);
|
||||
|
||||
return err;
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user