Merge pull request #3616 from militant-daos/bug_3175

Fix premature fopen() call in mbedtls_entropy_write_seed_file
This commit is contained in:
Gilles Peskine 2021-03-30 17:33:08 +02:00 committed by GitHub
commit bf792e0a82
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 37 additions and 6 deletions

View File

@ -0,0 +1,5 @@
Bugfix
* Fix premature fopen() call in mbedtls_entropy_write_seed_file which may
lead to the seed file corruption in case if the path to the seed file is
equal to MBEDTLS_PLATFORM_STD_NV_SEED_FILE. Contributed by Victor
Krasnoshchok in #3616.

View File

@ -471,15 +471,21 @@ int mbedtls_entropy_update_nv_seed( mbedtls_entropy_context *ctx )
#if defined(MBEDTLS_FS_IO) #if defined(MBEDTLS_FS_IO)
int mbedtls_entropy_write_seed_file( mbedtls_entropy_context *ctx, const char *path ) int mbedtls_entropy_write_seed_file( mbedtls_entropy_context *ctx, const char *path )
{ {
int ret = MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
FILE *f; FILE *f = NULL;
unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE]; unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE];
if( ( f = fopen( path, "wb" ) ) == NULL )
return( MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR );
if( ( ret = mbedtls_entropy_func( ctx, buf, MBEDTLS_ENTROPY_BLOCK_SIZE ) ) != 0 ) if( ( ret = mbedtls_entropy_func( ctx, buf, MBEDTLS_ENTROPY_BLOCK_SIZE ) ) != 0 )
{
ret = MBEDTLS_ERR_ENTROPY_SOURCE_FAILED;
goto exit; goto exit;
}
if( ( f = fopen( path, "wb" ) ) == NULL )
{
ret = MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR;
goto exit;
}
if( fwrite( buf, 1, MBEDTLS_ENTROPY_BLOCK_SIZE, f ) != MBEDTLS_ENTROPY_BLOCK_SIZE ) if( fwrite( buf, 1, MBEDTLS_ENTROPY_BLOCK_SIZE, f ) != MBEDTLS_ENTROPY_BLOCK_SIZE )
{ {
@ -492,7 +498,9 @@ int mbedtls_entropy_write_seed_file( mbedtls_entropy_context *ctx, const char *p
exit: exit:
mbedtls_platform_zeroize( buf, sizeof( buf ) ); mbedtls_platform_zeroize( buf, sizeof( buf ) );
fclose( f ); if( f != NULL )
fclose( f );
return( ret ); return( ret );
} }

View File

@ -13,6 +13,9 @@ entropy_seed_file:"data_files/entropy_seed":0
Entropy write/update seed file: nonexistent Entropy write/update seed file: nonexistent
entropy_seed_file:"no_such_dir/file":MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR entropy_seed_file:"no_such_dir/file":MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR
Entropy write/update seed file: base NV seed file
entropy_write_base_seed_file:0
Entropy no sources Entropy no sources
entropy_no_sources: entropy_no_sources:

View File

@ -171,6 +171,21 @@ exit:
} }
/* END_CASE */ /* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_NV_SEED:MBEDTLS_FS_IO */
void entropy_write_base_seed_file( int ret )
{
mbedtls_entropy_context ctx;
mbedtls_entropy_init( &ctx );
TEST_ASSERT( mbedtls_entropy_write_seed_file( &ctx, MBEDTLS_PLATFORM_STD_NV_SEED_FILE ) == ret );
TEST_ASSERT( mbedtls_entropy_update_seed_file( &ctx, MBEDTLS_PLATFORM_STD_NV_SEED_FILE ) == ret );
exit:
mbedtls_entropy_free( &ctx );
}
/* END_CASE */
/* BEGIN_CASE */ /* BEGIN_CASE */
void entropy_no_sources( ) void entropy_no_sources( )
{ {