wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-08-02 12:14:38 +02:00
Code Issues Packages Projects Releases Wiki Activity

Compatibility Layer

Browse Source 
1. Changed the ASN1_OBJECT member of the X509_NAME_ENTRY to be a pointer
   rather than an object. It could lead to a double free on the name
   entry.
2. The ASN1_OBJECT allocator should set the dynamic flag, as the
   deallocator is the one that uses it.
3. General changes to treat the member as a pointer rather than a
   member.
4. In the api test, we were iterating over the name members in the name
   checking the NIDs. After the loop we freed the name member object.
   This led to a double free error.
This commit is contained in:
John Safranek
2020-10-25 14:38:07 -07:00
parent f5f883597e
commit 9c1049f112
4 changed files with 16 additions and 32 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/internal.c
View File

@@ -3337,7 +3337,7 @@ void InitX509Name(WOLFSSL_X509_NAME* name, int dynamicFlag, void* heap)
name->sz = 0; name->sz = 0;
name->heap = heap; name->heap = heap;
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
XMEMSET(&name->entry, 0, sizeof(name->entry)); XMEMSET(name->entry, 0, sizeof(name->entry));
name->x509 = NULL; name->x509 = NULL;
name->entrySz = 0; name->entrySz = 0;
#endif /* OPENSSL_EXTRA */ #endif /* OPENSSL_EXTRA */
@@ -3357,7 +3357,7 @@ void FreeX509Name(WOLFSSL_X509_NAME* name)
int i; int i;
for (i = 0; i < MAX_NAME_ENTRIES; i++) { for (i = 0; i < MAX_NAME_ENTRIES; i++) {
if (name->entry[i].set) { if (name->entry[i].set) {
wolfSSL_ASN1_OBJECT_free(&name->entry[i].object); wolfSSL_ASN1_OBJECT_free(name->entry[i].object);
wolfSSL_ASN1_STRING_free(name->entry[i].value); wolfSSL_ASN1_STRING_free(name->entry[i].value);
} }
} }

40
src/ssl.c
View File

@@ -9359,8 +9359,6 @@ void* wolfSSL_X509_get_ext_d2i(const WOLFSSL_X509* x509, int nid, int* c,
obj->grp = oidCertExtType; obj->grp = oidCertExtType;
obj->obj = x509->CRLInfo; obj->obj = x509->CRLInfo;
obj->objSz = x509->CRLInfoSz; obj->objSz = x509->CRLInfoSz;
obj->dynamic |= WOLFSSL_ASN1_DYNAMIC;
obj->dynamic &= ~WOLFSSL_ASN1_DYNAMIC_DATA ;
} }
else { else {
WOLFSSL_MSG("No CRL dist set"); WOLFSSL_MSG("No CRL dist set");
@@ -9381,8 +9379,6 @@ void* wolfSSL_X509_get_ext_d2i(const WOLFSSL_X509* x509, int nid, int* c,
obj->grp = oidCertExtType; obj->grp = oidCertExtType;
obj->obj = x509->authInfo; obj->obj = x509->authInfo;
obj->objSz = x509->authInfoSz; obj->objSz = x509->authInfoSz;
obj->dynamic |= WOLFSSL_ASN1_DYNAMIC;
obj->dynamic &= ~WOLFSSL_ASN1_DYNAMIC_DATA;
} }
else { else {
WOLFSSL_MSG("No Auth Info set"); WOLFSSL_MSG("No Auth Info set");
@@ -9409,8 +9405,6 @@ void* wolfSSL_X509_get_ext_d2i(const WOLFSSL_X509* x509, int nid, int* c,
obj->grp = oidCertExtType; obj->grp = oidCertExtType;
obj->obj = x509->authKeyId; obj->obj = x509->authKeyId;
obj->objSz = x509->authKeyIdSz; obj->objSz = x509->authKeyIdSz;
obj->dynamic |= WOLFSSL_ASN1_DYNAMIC;
obj->dynamic &= ~WOLFSSL_ASN1_DYNAMIC_DATA;
akey->issuer = obj; akey->issuer = obj;
return akey; return akey;
} }
@@ -9433,8 +9427,6 @@ void* wolfSSL_X509_get_ext_d2i(const WOLFSSL_X509* x509, int nid, int* c,
obj->grp = oidCertExtType; obj->grp = oidCertExtType;
obj->obj = x509->subjKeyId; obj->obj = x509->subjKeyId;
obj->objSz = x509->subjKeyIdSz; obj->objSz = x509->subjKeyIdSz;
obj->dynamic |= WOLFSSL_ASN1_DYNAMIC;
obj->dynamic &= ~WOLFSSL_ASN1_DYNAMIC_DATA;
} }
else { else {
WOLFSSL_MSG("No Subject Key set"); WOLFSSL_MSG("No Subject Key set");
@@ -9472,8 +9464,6 @@ void* wolfSSL_X509_get_ext_d2i(const WOLFSSL_X509* x509, int nid, int* c,
obj->grp = oidCertExtType; obj->grp = oidCertExtType;
obj->obj = (byte*)(x509->certPolicies[i]); obj->obj = (byte*)(x509->certPolicies[i]);
obj->objSz = MAX_CERTPOL_SZ; obj->objSz = MAX_CERTPOL_SZ;
obj->dynamic |= WOLFSSL_ASN1_DYNAMIC;
obj->dynamic &= ~WOLFSSL_ASN1_DYNAMIC_DATA;
if (wolfSSL_sk_ASN1_OBJECT_push(sk, obj) if (wolfSSL_sk_ASN1_OBJECT_push(sk, obj)
!= WOLFSSL_SUCCESS) { != WOLFSSL_SUCCESS) {
WOLFSSL_MSG("Error pushing ASN1 object onto stack"); WOLFSSL_MSG("Error pushing ASN1 object onto stack");
@@ -9492,8 +9482,6 @@ void* wolfSSL_X509_get_ext_d2i(const WOLFSSL_X509* x509, int nid, int* c,
obj->grp = oidCertExtType; obj->grp = oidCertExtType;
obj->obj = (byte*)(x509->certPolicies[i]); obj->obj = (byte*)(x509->certPolicies[i]);
obj->objSz = MAX_CERTPOL_SZ; obj->objSz = MAX_CERTPOL_SZ;
obj->dynamic |= WOLFSSL_ASN1_DYNAMIC;
obj->dynamic &= ~WOLFSSL_ASN1_DYNAMIC_DATA;
} }
else { else {
WOLFSSL_MSG("No Cert Policy set"); WOLFSSL_MSG("No Cert Policy set");
@@ -9510,7 +9498,6 @@ void* wolfSSL_X509_get_ext_d2i(const WOLFSSL_X509* x509, int nid, int* c,
} }
obj->type = CERT_POLICY_OID; obj->type = CERT_POLICY_OID;
obj->grp = oidCertExtType; obj->grp = oidCertExtType;
obj->dynamic |= WOLFSSL_ASN1_DYNAMIC;
} }
else { else {
WOLFSSL_MSG("No Cert Policy set"); WOLFSSL_MSG("No Cert Policy set");
@@ -9572,8 +9559,6 @@ void* wolfSSL_X509_get_ext_d2i(const WOLFSSL_X509* x509, int nid, int* c,
obj->grp = oidCertExtType; obj->grp = oidCertExtType;
obj->obj = x509->extKeyUsageSrc; obj->obj = x509->extKeyUsageSrc;
obj->objSz = x509->extKeyUsageSz; obj->objSz = x509->extKeyUsageSz;
obj->dynamic |= WOLFSSL_ASN1_DYNAMIC;
obj->dynamic &= ~WOLFSSL_ASN1_DYNAMIC_DATA;
} }
else { else {
WOLFSSL_MSG("No Extended Key Usage set"); WOLFSSL_MSG("No Extended Key Usage set");
@@ -38692,7 +38677,7 @@ err:
{ {
WOLFSSL_ENTER("wolfSSL_X509_NAME_ENTRY_free"); WOLFSSL_ENTER("wolfSSL_X509_NAME_ENTRY_free");
if (ne != NULL) { if (ne != NULL) {
wolfSSL_ASN1_OBJECT_free(&ne->object); wolfSSL_ASN1_OBJECT_free(ne->object);
if (ne->value != NULL) { if (ne->value != NULL) {
wolfSSL_ASN1_STRING_free(ne->value); wolfSSL_ASN1_STRING_free(ne->value);
} }
@@ -38747,7 +38732,7 @@ err:
} }
} }
ne->nid = nid; ne->nid = nid;
wolfSSL_OBJ_nid2obj_ex(nid, &ne->object); wolfSSL_OBJ_nid2obj_ex(nid, ne->object);
ne->value = wolfSSL_ASN1_STRING_type_new(type); ne->value = wolfSSL_ASN1_STRING_type_new(type);
if (ne->value != NULL) { if (ne->value != NULL) {
wolfSSL_ASN1_STRING_set(ne->value, (const void*)data, dataSz); wolfSSL_ASN1_STRING_set(ne->value, (const void*)data, dataSz);
@@ -38787,7 +38772,7 @@ err:
} }
ne->nid = nid; ne->nid = nid;
wolfSSL_OBJ_nid2obj_ex(nid, &ne->object); ne->object = wolfSSL_OBJ_nid2obj_ex(nid, ne->object);
ne->value = wolfSSL_ASN1_STRING_type_new(type); ne->value = wolfSSL_ASN1_STRING_type_new(type);
if (ne->value != NULL) { if (ne->value != NULL) {
wolfSSL_ASN1_STRING_set(ne->value, (const void*)data, dataSz); wolfSSL_ASN1_STRING_set(ne->value, (const void*)data, dataSz);
@@ -39064,9 +39049,6 @@ err:
WOLFSSL_MSG("Issue creating WOLFSSL_ASN1_OBJECT struct"); WOLFSSL_MSG("Issue creating WOLFSSL_ASN1_OBJECT struct");
return NULL; return NULL;
} }
obj->dynamic |= WOLFSSL_ASN1_DYNAMIC;
} else {
obj->dynamic &= ~WOLFSSL_ASN1_DYNAMIC;
} }
obj->type = id; obj->type = id;
obj->grp = type; obj->grp = type;
@@ -39229,9 +39211,9 @@ err:
for (idx++; idx < MAX_NAME_ENTRIES; idx++) { for (idx++; idx < MAX_NAME_ENTRIES; idx++) {
/* Find index of desired name */ /* Find index of desired name */
if (name->entry[idx].set) { if (name->entry[idx].set) {
if (XSTRLEN(obj->sName) == XSTRLEN(name->entry[idx].object.sName) && if (XSTRLEN(obj->sName) == XSTRLEN(name->entry[idx].object->sName) &&
XSTRNCMP((const char*) obj->sName, XSTRNCMP((const char*) obj->sName,
name->entry[idx].object.sName, obj->objSz - 1) == 0) { name->entry[idx].object->sName, obj->objSz - 1) == 0) {
return idx; return idx;
} }
} }
@@ -39811,12 +39793,16 @@ err:
defined(HAVE_LIGHTY) || defined(WOLFSSL_MYSQL_COMPATIBLE) || \ defined(HAVE_LIGHTY) || defined(WOLFSSL_MYSQL_COMPATIBLE) || \
defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) || \ defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) || \
defined(HAVE_POCO_LIB) || defined(WOLFSSL_HAPROXY) defined(HAVE_POCO_LIB) || defined(WOLFSSL_HAPROXY)
WOLFSSL_ASN1_OBJECT * wolfSSL_X509_NAME_ENTRY_get_object(WOLFSSL_X509_NAME_ENTRY *ne) { WOLFSSL_ASN1_OBJECT * wolfSSL_X509_NAME_ENTRY_get_object(WOLFSSL_X509_NAME_ENTRY *ne)
{
WOLFSSL_ASN1_OBJECT* obj = NULL;
WOLFSSL_ENTER("wolfSSL_X509_NAME_ENTRY_get_object"); WOLFSSL_ENTER("wolfSSL_X509_NAME_ENTRY_get_object");
if (ne == NULL) return NULL; if (ne == NULL) return NULL;
if (wolfSSL_OBJ_nid2obj_ex(ne->nid, &ne->object) != NULL) { obj = wolfSSL_OBJ_nid2obj_ex(ne->nid, ne->object);
ne->object.nid = ne->nid; if (obj != NULL) {
return &ne->object; obj->nid = ne->nid;
return obj;
} }
return NULL; return NULL;
} }

2
tests/api.c
View File

@@ -29373,7 +29373,6 @@ static void test_wolfSSL_OBJ(void)
AssertTrue((nid = OBJ_obj2nid(asn1Name)) > 0); AssertTrue((nid = OBJ_obj2nid(asn1Name)) > 0);
} }
BIO_free(bio); BIO_free(bio);
ASN1_OBJECT_free(asn1Name);
X509_free(x509); X509_free(x509);
} }
@@ -29397,7 +29396,6 @@ static void test_wolfSSL_OBJ(void)
AssertTrue((nid = OBJ_obj2nid(asn1Name)) > 0); AssertTrue((nid = OBJ_obj2nid(asn1Name)) > 0);
} }
BIO_free(bio); BIO_free(bio);
ASN1_OBJECT_free(asn1Name);
X509_free(x509); X509_free(x509);
} }

2
wolfssl/ssl.h
View File

@@ -3239,7 +3239,7 @@ WOLFSSL_API int wolfSSL_accept_ex(WOLFSSL*, HandShakeCallBack, TimeoutCallBack,
#include <wolfssl/openssl/asn1.h> #include <wolfssl/openssl/asn1.h>
struct WOLFSSL_X509_NAME_ENTRY { struct WOLFSSL_X509_NAME_ENTRY {
WOLFSSL_ASN1_OBJECT object; /* static object just for keeping grp, type */ WOLFSSL_ASN1_OBJECT* object; /* static object just for keeping grp, type */
WOLFSSL_ASN1_STRING* value; /* points to data, for lighttpd port */ WOLFSSL_ASN1_STRING* value; /* points to data, for lighttpd port */
int nid; /* i.e. ASN_COMMON_NAME */ int nid; /* i.e. ASN_COMMON_NAME */
int set; int set;