mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-26 12:05:38 +01:00
Merge pull request #3616 from militant-daos/bug_3175
Fix premature fopen() call in mbedtls_entropy_write_seed_file
This commit is contained in:
commit
bf792e0a82
5
ChangeLog.d/bugfix_PR3616.txt
Normal file
5
ChangeLog.d/bugfix_PR3616.txt
Normal file
@ -0,0 +1,5 @@
|
|||||||
|
Bugfix
|
||||||
|
* Fix premature fopen() call in mbedtls_entropy_write_seed_file which may
|
||||||
|
lead to the seed file corruption in case if the path to the seed file is
|
||||||
|
equal to MBEDTLS_PLATFORM_STD_NV_SEED_FILE. Contributed by Victor
|
||||||
|
Krasnoshchok in #3616.
|
@ -471,15 +471,21 @@ int mbedtls_entropy_update_nv_seed( mbedtls_entropy_context *ctx )
|
|||||||
#if defined(MBEDTLS_FS_IO)
|
#if defined(MBEDTLS_FS_IO)
|
||||||
int mbedtls_entropy_write_seed_file( mbedtls_entropy_context *ctx, const char *path )
|
int mbedtls_entropy_write_seed_file( mbedtls_entropy_context *ctx, const char *path )
|
||||||
{
|
{
|
||||||
int ret = MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR;
|
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||||
FILE *f;
|
FILE *f = NULL;
|
||||||
unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE];
|
unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE];
|
||||||
|
|
||||||
if( ( f = fopen( path, "wb" ) ) == NULL )
|
|
||||||
return( MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR );
|
|
||||||
|
|
||||||
if( ( ret = mbedtls_entropy_func( ctx, buf, MBEDTLS_ENTROPY_BLOCK_SIZE ) ) != 0 )
|
if( ( ret = mbedtls_entropy_func( ctx, buf, MBEDTLS_ENTROPY_BLOCK_SIZE ) ) != 0 )
|
||||||
|
{
|
||||||
|
ret = MBEDTLS_ERR_ENTROPY_SOURCE_FAILED;
|
||||||
goto exit;
|
goto exit;
|
||||||
|
}
|
||||||
|
|
||||||
|
if( ( f = fopen( path, "wb" ) ) == NULL )
|
||||||
|
{
|
||||||
|
ret = MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR;
|
||||||
|
goto exit;
|
||||||
|
}
|
||||||
|
|
||||||
if( fwrite( buf, 1, MBEDTLS_ENTROPY_BLOCK_SIZE, f ) != MBEDTLS_ENTROPY_BLOCK_SIZE )
|
if( fwrite( buf, 1, MBEDTLS_ENTROPY_BLOCK_SIZE, f ) != MBEDTLS_ENTROPY_BLOCK_SIZE )
|
||||||
{
|
{
|
||||||
@ -492,7 +498,9 @@ int mbedtls_entropy_write_seed_file( mbedtls_entropy_context *ctx, const char *p
|
|||||||
exit:
|
exit:
|
||||||
mbedtls_platform_zeroize( buf, sizeof( buf ) );
|
mbedtls_platform_zeroize( buf, sizeof( buf ) );
|
||||||
|
|
||||||
|
if( f != NULL )
|
||||||
fclose( f );
|
fclose( f );
|
||||||
|
|
||||||
return( ret );
|
return( ret );
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -13,6 +13,9 @@ entropy_seed_file:"data_files/entropy_seed":0
|
|||||||
Entropy write/update seed file: nonexistent
|
Entropy write/update seed file: nonexistent
|
||||||
entropy_seed_file:"no_such_dir/file":MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR
|
entropy_seed_file:"no_such_dir/file":MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR
|
||||||
|
|
||||||
|
Entropy write/update seed file: base NV seed file
|
||||||
|
entropy_write_base_seed_file:0
|
||||||
|
|
||||||
Entropy no sources
|
Entropy no sources
|
||||||
entropy_no_sources:
|
entropy_no_sources:
|
||||||
|
|
||||||
|
@ -171,6 +171,21 @@ exit:
|
|||||||
}
|
}
|
||||||
/* END_CASE */
|
/* END_CASE */
|
||||||
|
|
||||||
|
/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_NV_SEED:MBEDTLS_FS_IO */
|
||||||
|
void entropy_write_base_seed_file( int ret )
|
||||||
|
{
|
||||||
|
mbedtls_entropy_context ctx;
|
||||||
|
|
||||||
|
mbedtls_entropy_init( &ctx );
|
||||||
|
|
||||||
|
TEST_ASSERT( mbedtls_entropy_write_seed_file( &ctx, MBEDTLS_PLATFORM_STD_NV_SEED_FILE ) == ret );
|
||||||
|
TEST_ASSERT( mbedtls_entropy_update_seed_file( &ctx, MBEDTLS_PLATFORM_STD_NV_SEED_FILE ) == ret );
|
||||||
|
|
||||||
|
exit:
|
||||||
|
mbedtls_entropy_free( &ctx );
|
||||||
|
}
|
||||||
|
/* END_CASE */
|
||||||
|
|
||||||
/* BEGIN_CASE */
|
/* BEGIN_CASE */
|
||||||
void entropy_no_sources( )
|
void entropy_no_sources( )
|
||||||
{
|
{
|
||||||
|
Loading…
Reference in New Issue
Block a user