Experimental fixes for async to resolve runtime fsanitize issues with invalid memory access due to attempting realloc on non NUMA type. Tested with ./configure --with-intelqa=../QAT1.6 --enable-asynccrypt CC="clang -fsanitize=address" --enable-debug --disable-shared --enable-trackmemory CFLAGS="-DWOLFSSL_DEBUG_MEMORY -DWOLFSSL_DEBUG_MEMORY_PRINT" && make and sudo ./tests/unit.test.

David Garske
2018-06-06 16:38:48 -07:00
parent 1179969dcf
commit 64ba151c35
3 changed files with 27 additions and 40 deletions


@@ -13286,7 +13286,7 @@ typedef struct BuildMsgArgs {
word32 headerSz; word32 headerSz;
word16 size; word16 size;
word32 ivSz; /* TLSv1.1 IV */ word32 ivSz; /* TLSv1.1 IV */
byte iv[AES_BLOCK_SIZE]; /* max size */ byte* iv;
} BuildMsgArgs; } BuildMsgArgs;
static void FreeBuildMsgArgs(WOLFSSL* ssl, void* pArgs) static void FreeBuildMsgArgs(WOLFSSL* ssl, void* pArgs)
@@ -13296,7 +13296,10 @@ static void FreeBuildMsgArgs(WOLFSSL* ssl, void* pArgs)
(void)ssl; (void)ssl;
(void)args; (void)args;
/* no allocations in BuildMessage */ if (args->iv) {
XFREE(args->iv, ssl->heap, DYNAMIC_TYPE_SALT);
args->iv = NULL;
}
} }
#endif #endif
@@ -13400,7 +13403,7 @@ int BuildMessage(WOLFSSL* ssl, byte* output, int outSz, const byte* input,
args->ivSz = blockSz; args->ivSz = blockSz;
args->sz += args->ivSz; args->sz += args->ivSz;
if (args->ivSz > (word32)sizeof(args->iv)) if (args->ivSz > AES_BLOCK_SIZE)
ERROR_OUT(BUFFER_E, exit_buildmsg); ERROR_OUT(BUFFER_E, exit_buildmsg);
} }
args->sz += 1; /* pad byte */ args->sz += 1; /* pad byte */
@@ -13431,6 +13434,10 @@ int BuildMessage(WOLFSSL* ssl, byte* output, int outSz, const byte* input,
} }
if (args->ivSz > 0) { if (args->ivSz > 0) {
args->iv = (byte*)XMALLOC(args->ivSz, ssl->heap, DYNAMIC_TYPE_SALT);
if (args->iv == NULL)
ERROR_OUT(MEMORY_E, exit_buildmsg);
ret = wc_RNG_GenerateBlock(ssl->rng, args->iv, args->ivSz); ret = wc_RNG_GenerateBlock(ssl->rng, args->iv, args->ivSz);
if (ret != 0) if (ret != 0)
goto exit_buildmsg; goto exit_buildmsg;
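Review bot: `args->iv` is now a heap pointer, but nothing in these hunks states who owns it or guarantees its release. The new `XMALLOC` in `BuildMessage` assigns `args->iv` without checking for an earlier allocation, and the release depends on `FreeBuildMsgArgs` being reached from every exit, including the new `MEMORY_E` path. The `exit_buildmsg` label and the initialisation of `args` are outside the hunks, so please confirm that `args->iv` starts as NULL and that an async retry cannot re-enter this block with it already set. I would document the field as `byte* iv; /* heap, ivSz bytes (<= AES_BLOCK_SIZE); freed by FreeBuildMsgArgs */` and drop the now-stale `(void)args;`, since `args` is dereferenced on the next line.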


@@ -260,16 +260,15 @@ static int doPRF(byte* digest, word32 digLen, const byte* secret,word32 secLen,
#ifdef WOLFSSL_SMALL_STACK #ifdef WOLFSSL_SMALL_STACK
byte* md5_half; byte* md5_half;
byte* sha_half; byte* sha_half;
byte* labelSeed;
byte* md5_result; byte* md5_result;
byte* sha_result; byte* sha_result;
#else #else
byte md5_half[MAX_PRF_HALF]; /* half is real size */ byte md5_half[MAX_PRF_HALF]; /* half is real size */
byte sha_half[MAX_PRF_HALF]; /* half is real size */ byte sha_half[MAX_PRF_HALF]; /* half is real size */
byte labelSeed[MAX_PRF_LABSEED]; /* labLen + seedLen is real size */
byte md5_result[MAX_PRF_DIG]; /* digLen is real size */ byte md5_result[MAX_PRF_DIG]; /* digLen is real size */
byte sha_result[MAX_PRF_DIG]; /* digLen is real size */ byte sha_result[MAX_PRF_DIG]; /* digLen is real size */
#endif #endif
DECLARE_VAR(labelSeed, byte, MAX_PRF_LABSEED, heap);
if (half > MAX_PRF_HALF) if (half > MAX_PRF_HALF)
return BUFFER_E; return BUFFER_E;
@@ -281,17 +280,16 @@ static int doPRF(byte* digest, word32 digLen, const byte* secret,word32 secLen,
#ifdef WOLFSSL_SMALL_STACK #ifdef WOLFSSL_SMALL_STACK
md5_half = (byte*)XMALLOC(MAX_PRF_HALF, heap, DYNAMIC_TYPE_DIGEST); md5_half = (byte*)XMALLOC(MAX_PRF_HALF, heap, DYNAMIC_TYPE_DIGEST);
sha_half = (byte*)XMALLOC(MAX_PRF_HALF, heap, DYNAMIC_TYPE_DIGEST); sha_half = (byte*)XMALLOC(MAX_PRF_HALF, heap, DYNAMIC_TYPE_DIGEST);
labelSeed = (byte*)XMALLOC(MAX_PRF_LABSEED, heap, DYNAMIC_TYPE_SEED);
md5_result = (byte*)XMALLOC(MAX_PRF_DIG, heap, DYNAMIC_TYPE_DIGEST); md5_result = (byte*)XMALLOC(MAX_PRF_DIG, heap, DYNAMIC_TYPE_DIGEST);
sha_result = (byte*)XMALLOC(MAX_PRF_DIG, heap, DYNAMIC_TYPE_DIGEST); sha_result = (byte*)XMALLOC(MAX_PRF_DIG, heap, DYNAMIC_TYPE_DIGEST);
if (md5_half == NULL || sha_half == NULL || labelSeed == NULL || if (md5_half == NULL || sha_half == NULL || md5_result == NULL ||
md5_result == NULL || sha_result == NULL) { sha_result == NULL) {
if (md5_half) XFREE(md5_half, heap, DYNAMIC_TYPE_DIGEST); if (md5_half) XFREE(md5_half, heap, DYNAMIC_TYPE_DIGEST);
if (sha_half) XFREE(sha_half, heap, DYNAMIC_TYPE_DIGEST); if (sha_half) XFREE(sha_half, heap, DYNAMIC_TYPE_DIGEST);
if (labelSeed) XFREE(labelSeed, heap, DYNAMIC_TYPE_SEED);
if (md5_result) XFREE(md5_result, heap, DYNAMIC_TYPE_DIGEST); if (md5_result) XFREE(md5_result, heap, DYNAMIC_TYPE_DIGEST);
if (sha_result) XFREE(sha_result, heap, DYNAMIC_TYPE_DIGEST); if (sha_result) XFREE(sha_result, heap, DYNAMIC_TYPE_DIGEST);
FREE_VAR(labelSeed, heap);
return MEMORY_E; return MEMORY_E;
} }
@@ -317,11 +315,12 @@ static int doPRF(byte* digest, word32 digLen, const byte* secret,word32 secLen,
#ifdef WOLFSSL_SMALL_STACK #ifdef WOLFSSL_SMALL_STACK
XFREE(md5_half, heap, DYNAMIC_TYPE_DIGEST); XFREE(md5_half, heap, DYNAMIC_TYPE_DIGEST);
XFREE(sha_half, heap, DYNAMIC_TYPE_DIGEST); XFREE(sha_half, heap, DYNAMIC_TYPE_DIGEST);
XFREE(labelSeed, heap, DYNAMIC_TYPE_SEED);
XFREE(md5_result, heap, DYNAMIC_TYPE_DIGEST); XFREE(md5_result, heap, DYNAMIC_TYPE_DIGEST);
XFREE(sha_result, heap, DYNAMIC_TYPE_DIGEST); XFREE(sha_result, heap, DYNAMIC_TYPE_DIGEST);
#endif #endif
FREE_VAR(labelSeed, heap);
return ret; return ret;
} }
@@ -339,21 +338,11 @@ static int PRF(byte* digest, word32 digLen, const byte* secret, word32 secLen,
int ret = 0; int ret = 0;
if (useAtLeastSha256) { if (useAtLeastSha256) {
#ifdef WOLFSSL_SMALL_STACK DECLARE_VAR(labelSeed, byte, MAX_PRF_LABSEED, heap);
byte* labelSeed;
#else
byte labelSeed[MAX_PRF_LABSEED]; /* labLen + seedLen is real size */
#endif
if (labLen + seedLen > MAX_PRF_LABSEED) if (labLen + seedLen > MAX_PRF_LABSEED)
return BUFFER_E; return BUFFER_E;
#ifdef WOLFSSL_SMALL_STACK
labelSeed = (byte*)XMALLOC(MAX_PRF_LABSEED, heap, DYNAMIC_TYPE_SEED);
if (labelSeed == NULL)
return MEMORY_E;
#endif
XMEMCPY(labelSeed, label, labLen); XMEMCPY(labelSeed, label, labLen);
XMEMCPY(labelSeed + labLen, seed, seedLen); XMEMCPY(labelSeed + labLen, seed, seedLen);
@@ -364,9 +353,7 @@ static int PRF(byte* digest, word32 digLen, const byte* secret, word32 secLen,
ret = p_hash(digest, digLen, secret, secLen, labelSeed, ret = p_hash(digest, digLen, secret, secLen, labelSeed,
labLen + seedLen, hash_type, heap, devId); labLen + seedLen, hash_type, heap, devId);
#ifdef WOLFSSL_SMALL_STACK FREE_VAR(labelSeed, heap);
XFREE(labelSeed, heap, DYNAMIC_TYPE_SEED);
#endif
} }
#ifndef NO_OLD_TLS #ifndef NO_OLD_TLS
else { else {
@@ -528,13 +515,18 @@ static int _DeriveTlsKeys(byte* key_dig, word32 key_dig_len,
int tls1_2, int hash_type, int tls1_2, int hash_type,
void* heap, int devId) void* heap, int devId)
{ {
byte seed[SEED_LEN]; int ret;
DECLARE_VAR(seed, byte, SEED_LEN, heap);
XMEMCPY(seed, sr, RAN_LEN); XMEMCPY(seed, sr, RAN_LEN);
XMEMCPY(seed + RAN_LEN, cr, RAN_LEN); XMEMCPY(seed + RAN_LEN, cr, RAN_LEN);
return PRF(key_dig, key_dig_len, ms, msLen, key_label, KEY_LABEL_SZ, ret = PRF(key_dig, key_dig_len, ms, msLen, key_label, KEY_LABEL_SZ,
seed, SEED_LEN, tls1_2, hash_type, heap, devId); seed, SEED_LEN, tls1_2, hash_type, heap, devId);
FREE_VAR(seed, heap);
return ret;
} }
/* External facing wrapper so user can call as well, 0 on success */ /* External facing wrapper so user can call as well, 0 on success */
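Review bot: Converting `labelSeed` in `PRF` to `DECLARE_VAR` drops the `if (labelSeed == NULL) return MEMORY_E;` check that the removed `XMALLOC` code had, and `doPRF` likewise no longer includes `labelSeed` in its NULL test. If the macro heap-allocates in async builds (its definition is not on this page), a failed allocation reaches `XMEMCPY(labelSeed, label, labLen)` as a NULL write. Both functions also declare the variable before an early `return BUFFER_E;` (`half > MAX_PRF_HALF` in `doPRF`, `labLen + seedLen > MAX_PRF_LABSEED` in `PRF`) with no `FREE_VAR(labelSeed, heap);` on that path, which would leak the buffer whenever it is heap-backed. The same unchecked use applies to `seed` in `_DeriveTlsKeys` and to `buf` in `wc_ecc_gen_k` in the third file section, where the old `MEMORY_E` return was also removed. I would restore an allocation check for the heap-backed case and add `FREE_VAR(labelSeed, heap);` before each early return; the bodies of `doPRF` and `PRF` continue outside these hunks, so other exits should be checked too.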


@@ -3116,17 +3116,7 @@ int wc_ecc_point_is_at_infinity(ecc_point* p)
static int wc_ecc_gen_k(WC_RNG* rng, int size, mp_int* k, mp_int* order) static int wc_ecc_gen_k(WC_RNG* rng, int size, mp_int* k, mp_int* order)
{ {
int err; int err;
#ifdef WOLFSSL_SMALL_STACK DECLARE_VAR(buf, byte, ECC_MAXSIZE_GEN, rng->heap);
byte* buf;
#else
byte buf[ECC_MAXSIZE_GEN];
#endif
#ifdef WOLFSSL_SMALL_STACK
buf = (byte*)XMALLOC(ECC_MAXSIZE_GEN, NULL, DYNAMIC_TYPE_ECC_BUFFER);
if (buf == NULL)
return MEMORY_E;
#endif
/*generate 8 extra bytes to mitigate bias from the modulo operation below*/ /*generate 8 extra bytes to mitigate bias from the modulo operation below*/
/*see section A.1.2 in 'Suite B Implementor's Guide to FIPS 186-3 (ECDSA)'*/ /*see section A.1.2 in 'Suite B Implementor's Guide to FIPS 186-3 (ECDSA)'*/
@@ -3153,9 +3143,7 @@ static int wc_ecc_gen_k(WC_RNG* rng, int size, mp_int* k, mp_int* order)
} }
ForceZero(buf, ECC_MAXSIZE); ForceZero(buf, ECC_MAXSIZE);
#ifdef WOLFSSL_SMALL_STACK FREE_VAR(buf, rng->heap);
XFREE(buf, NULL, DYNAMIC_TYPE_ECC_BUFFER);
#endif
return err; return err;
} }
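Review bot: `ForceZero(buf, ECC_MAXSIZE);` wipes a different length than the `ECC_MAXSIZE_GEN` that `buf` is declared with, so the tail of the random material used to derive `k` may survive the wipe. With this change the buffer can be heap-backed and handed back by `FREE_VAR(buf, rng->heap);` with those bytes intact. That line is unchanged context and neither constant is defined on this page, but the comment about generating 8 extra bytes suggests `ECC_MAXSIZE_GEN` is the larger one; `ForceZero(buf, ECC_MAXSIZE_GEN);` would cover the whole buffer. Separately, `DECLARE_VAR(buf, byte, ECC_MAXSIZE_GEN, rng->heap);` dereferences `rng` at the declaration, ahead of any NULL check on `rng` that the part of the function outside the hunks may perform.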