yuzu-emu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2024-11-23 04:25:44 +01:00
Code Issues Packages Projects Releases Wiki Activity

Fix potential memory overread in seed functions

Browse Source 
The previous commit introduced a potential memory overread by reading
secret_len bytes from secret->p, while the is no guarantee that secret has
enough limbs for that.

Fix that by using an intermediate buffer and mpi_write_binary().

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
This commit is contained in:
Manuel Pégourié-Gonnard 2020-06-17 10:12:43 +02:00
parent 6d61498e05
commit 601128eb58
1 changed files with 23 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
library/ecp.c
View File

@ -148,13 +148,21 @@ static inline int ecp_drbg_random( void *p_rng,
static int ecp_drbg_seed( ecp_drbg_context *ctx,
const mbedtls_mpi *secret, size_t secret_len )
{
const unsigned char *secret_p = (const unsigned char *) secret->p;
int ret;
unsigned char secret_bytes[MBEDTLS_ECP_MAX_BYTES];
/* The list starts with strong hashes */
const mbedtls_md_type_t md_type = mbedtls_md_list()[0];
const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type( md_type );
return( mbedtls_hmac_drbg_seed_buf( ctx, md_info, secret_p, secret_len ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( secret,
secret_bytes, secret_len ) );
ret = mbedtls_hmac_drbg_seed_buf( ctx, md_info, secret_bytes, secret_len );
cleanup:
mbedtls_zeroize( secret_bytes, secret_len );
return( ret );
}
#elif defined(MBEDTLS_CTR_DRBG_C)
@ -199,10 +207,19 @@ static int ecp_ctr_drbg_null_entropy(void *ctx, unsigned char *out, size_t len)
static int ecp_drbg_seed( ecp_drbg_context *ctx,
const mbedtls_mpi *secret, size_t secret_len )
{
const unsigned char *secret_p = (const unsigned char *) secret->p;
int ret;
unsigned char secret_bytes[MBEDTLS_ECP_MAX_BYTES];
return( mbedtls_ctr_drbg_seed( ctx, ecp_ctr_drbg_null_entropy, NULL,
secret_p, secret_len ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( secret,
secret_bytes, secret_len ) );
ret = mbedtls_ctr_drbg_seed( ctx, ecp_ctr_drbg_null_entropy, NULL,
secret_bytes, secret_len );
cleanup:
mbedtls_zeroize( secret_bytes, secret_len );
return( ret );
}
#elif defined(MBEDTLS_SHA512_C) || \