From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mail-it0-f44.google.com ([209.85.214.44]) by ur; Tue Jan 17 15:59:26 EST 2017 Received: by mail-it0-f44.google.com with SMTP id r185so113041355ita.0 for <9front@9front.org>; Tue, 17 Jan 2017 12:59:18 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=tesio-it.20150623.gappssmtp.com; s=20150623; h=mime-version:from:date:message-id:subject:to; bh=oo45zkT0pmnFF5VysqgrbDPp3MAKkYvdfE4dDk5cna8=; b=T4I1Rji2n/wrgF4ssfFI9SIBFxwz38gOCFli5NPzuTRGeWdinfaDqAB/y3Y9G4yT20 CCKMgIg31zVSN3v9iUEEK5JA0V0xrtxVTmCHbTEF7ax6w1KInXPbNO9i4XOwPtGyR6Ce LijIZBASJFLwZbdMQV4MCnZdZ8CZqyvU67p5qt7wVPFdcmpC4DfR5wr4wtpkNMODvmR6 Yo9c3n2VanPJETiDLlZ56gFGCSRkhNrkZ21l3bXS2iinEyGfEyzDtYx4JAo5Kj3NZwwE OZ898vtXiyfsMIXEliUTu+GekDCqJR1Yaiem8akUCdkqjY1QAG6vXIcPLG22nCruPIJG Bryw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=oo45zkT0pmnFF5VysqgrbDPp3MAKkYvdfE4dDk5cna8=; b=NhoJRHO/8s/lUYHecfZ4AKPVOOM0jg6ezUalG7W1VKMTR81FHBRYOQb15Ei8gJZjof TGAwSUvySHhuvUF+xEWeSCztFcmk38DMOt685bLQ3mTvDOXWKjKepOiuj6keIcatj6yc 1vmD9h9Y4IKmc2CEL/5Nvfb8gPSFFsOtsVQLOXMiWjhsprHiSjW+XDtRaUKjmRI6CF4A OxLOUWIfq/AzJe3PF3Y5g7/5Biw3SR8sopqnddUYjxN044HG48qOtPaKilnQ8gGGPSko mtUhY/yLnDVx0VEsaSCRYQ1f4BVFt8Z9Ve3ZRgqgEkv66s25VM3dU6Lree53ojB+Aj+1 s6KQ== X-Gm-Message-State: AIkVDXKh4lUAOwrs1dVTnXXLegqLPqwFgw/cMdzgkpVOUV8PNl8XF+RrvuvjJgnVmuYeodF9N1s3FA7l4uACmg== X-Received: by 10.36.69.30 with SMTP id y30mr21273717ita.119.1484686758057; Tue, 17 Jan 2017 12:59:18 -0800 (PST) MIME-Version: 1.0 Received: by 10.107.135.169 with HTTP; Tue, 17 Jan 2017 12:59:17 -0800 (PST) From: Giacomo Tesio Date: Tue, 17 Jan 2017 21:59:17 +0100 Message-ID: Subject: out of bound access in libsec To: Fans of the OS Plan 9 from Bell Labs <9fans@9fans.net>, 9front@9front.org Content-Type: multipart/alternative; boundary=001a11c14914d12fe905465092a6 List-ID: <9front.9front.org> List-Help: X-Glyph: ➈ X-Bullshit: core injection hardware standard --001a11c14914d12fe905465092a6 Content-Type: text/plain; charset=UTF-8 Hi, running coverity scan on libsec it reported two defects that do not seem false positives: 1. an out of bound access to aesXCBCmac (see https://github.com/JehanneOS/jehanne/issues/3 ) 2. an out of bound access in msgRecv, tlshand.c:1809 (see https://github.com/JehanneOS/jehanne/issues/4 ) I verified that the code is more or less the same on 9front. I "fixed" the first with an assert, but I'm not sure wherther passing sizeof(m->u.finished.verify) to memset in the second is the correct solution. Am I missing something? Giacomo --001a11c14914d12fe905465092a6 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable
Hi, running coverity scan on libs= ec it reported two defects that do not seem false positives:

1= . an out of bound access to aesXCBCmac (see https://github.com/JehanneOS/jehanne/issues/3 )
2. an out of bound access in msgRecv, tlshand.c:1809 (see https://github.com/Je= hanneOS/jehanne/issues/4 )

I verified that the code is mor= e or less the same on 9front.
I "fixed" the first with a= n assert, but I'm not sure wherther passing sizeof(m->u.finished.verify) to memset in the second is the correct solution.

Am I = missing something?


Giacomo

--001a11c14914d12fe905465092a6-- From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from duke.felloff.net ([216.126.196.34]) by ur; Tue Jan 17 16:27:48 EST 2017 Message-ID: <355339a4ebae631de2783a2d15952250@felloff.net> Date: Tue, 17 Jan 2017 22:27:42 +0100 From: cinap_lenrek@felloff.net To: 9front@9front.org Subject: Re: [9front] out of bound access in libsec In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit List-ID: <9front.9front.org> List-Help: X-Glyph: ➈ X-Bullshit: extended private CSS component on 2), how is there an out of bounds access? m->u.finished.n gets initialized to c->finished.n, which is eigther 0 before setVersion() as emalloc() zeros the TlsConnection struct or SSL3FinishedLen/TLSFinishedLen after when we got the client/server hello. not 32767. -- cinap From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from duke.felloff.net ([216.126.196.34]) by ur; Tue Jan 17 16:37:00 EST 2017 Message-ID: <0f72c8d86c729b6da085be697a7c56e3@felloff.net> Date: Tue, 17 Jan 2017 22:36:42 +0100 From: cinap_lenrek@felloff.net To: 9front@9front.org Subject: Re: [9front] out of bound access in libsec In-Reply-To: <355339a4ebae631de2783a2d15952250@felloff.net> MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit List-ID: <9front.9front.org> List-Help: X-Glyph: ➈ X-Bullshit: framework-scale realtime-java pipelining-aware full-stack controller on 1), the comment says right here that it does not deal with keys bigger than 128 bits. which is implied by s->keybytes == 16. so rounds is 10 here as of aes_setupEnc(). given 4*(10+1) == 48, so the buffer size holds. -- cinap From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from duke.felloff.net ([216.126.196.34]) by ur; Tue Jan 17 16:51:15 EST 2017 Message-ID: <5ba32316ac0f8d983d5b18785ef1735d@felloff.net> Date: Tue, 17 Jan 2017 22:51:08 +0100 From: cinap_lenrek@felloff.net To: 9front@9front.org Subject: Re: [9front] out of bound access in libsec In-Reply-To: <0f72c8d86c729b6da085be697a7c56e3@felloff.net> MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit List-ID: <9front.9front.org> List-Help: X-Glyph: ➈ X-Bullshit: lossless optimized out-scaling-aware WEB2.0 over HTML extension polling-oriented control sorry, i ment 4*(10+1) < 48 :-) From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mail-it0-f53.google.com ([209.85.214.53]) by ur; Tue Jan 17 17:50:07 EST 2017 Received: by mail-it0-f53.google.com with SMTP id c7so53557610itd.1 for <9front@9front.org>; Tue, 17 Jan 2017 14:50:02 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=tesio-it.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:from:date:message-id:subject:to; bh=IF7Ql/lm0ebQMuoYmUwP0gv6DSeIoDMUp6jzMAjWH1s=; b=akPDrnGJlQc9fZHF+poeWfg4aXcEIpXgW3OneWiWsivIhfEFRaeTLIseCzDGOLeFx0 zXGRq2oyjGJQS2z+FgI3A9KQGDI0r7ZsuzGv3JUtMJQxJLePA1gsIcS8Iz7ySip3VCPx U/pjzWjjhvYXNCJggDYci0IjyMSBwx/hJ2nGNu+pUW6THSLbPa1qBKHyjCn3gQKulY+F z3NrBJVVe9hzwawxbbjiNQjhqsp6zDMBBCnk9hAWuAlEMNgSs8KkkeoplzEynUvy992r sTHRcjDeo8/waWu8yl8MJXz7LJBaYB4sDAlRzVjdfKXUFdEqdkFMurweEN9tnCOzXvOz Z53A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to; bh=IF7Ql/lm0ebQMuoYmUwP0gv6DSeIoDMUp6jzMAjWH1s=; b=jvjOn4CiqUuE1MJ/BQd5SImsMEBOtv+/k/HMNguQxjY1GqTEYw0ZI3/KRa4NKqxH0w LW35fOgrkiZPi4Ta5JAGjwfDQTBLBWUt3ftSXbVkC8tAlHZu9LtghCnLdOTqDqxNOXwJ 0qs3h/qagZbb52WARgksKJpbi1VI1W4O7+8hv7+5nJojdhzYudfoINXrh0JJWDcf+pZw aUou1+NiuVdZETO31AaNO8cHAUfW92UkOhe+Q1GEaN2MSQtuk0aswzaLvLYYpr8Cj0BS yM2WZ0j9c7I1obnY2/CE91n0fO57YwuGTjhqQKeuRx9UdHhx9BK5KwkiZQhTxcDiQAFf jUaQ== X-Gm-Message-State: AIkVDXIDsB6E7eGUyPma31E6nv2rZhs2Ka8aJ545wIL8FKa/3wcYsnuu2cFzhNd5dE5iA6MSToBIW7jrGT1wzA== X-Received: by 10.36.73.93 with SMTP id z90mr572010ita.119.1484693402083; Tue, 17 Jan 2017 14:50:02 -0800 (PST) MIME-Version: 1.0 Received: by 10.107.135.169 with HTTP; Tue, 17 Jan 2017 14:50:01 -0800 (PST) In-Reply-To: <0f72c8d86c729b6da085be697a7c56e3@felloff.net> References: <355339a4ebae631de2783a2d15952250@felloff.net> <0f72c8d86c729b6da085be697a7c56e3@felloff.net> From: Giacomo Tesio Date: Tue, 17 Jan 2017 23:50:01 +0100 Message-ID: Subject: Re: [9front] out of bound access in libsec To: 9front@9front.org Content-Type: multipart/alternative; boundary=001a11448eaad4ff920546521eb4 List-ID: <9front.9front.org> List-Help: X-Glyph: ➈ X-Bullshit: optimized secure engine YAML over ACPI general-purpose pipelining event --001a11448eaad4ff920546521eb4 Content-Type: text/plain; charset=UTF-8 For 1) aesXCBCmac is an exported function thus it could get a broken AESstate from the caller. For 2) you are right... thanks! Giacomo 2017-01-17 22:36 GMT+01:00 : > on 1), the comment says right here that it does not deal with keys > bigger than 128 bits. which is implied by s->keybytes == 16. so rounds > is 10 here as of aes_setupEnc(). given 4*(10+1) == 48, so the buffer > size holds. > > -- > cinap > --001a11448eaad4ff920546521eb4 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable
For 1) aesXCBCmac is an exported function thus i= t could get a broken AESstate from the caller.
For 2) you are righ= t... thanks!


Giacomo
<= br>
2017-01-17 22:36 GMT+01:00 <cinap_le= nrek@felloff.net>:
on 1), t= he comment says right here that it does not deal with keys
bigger than 128 bits. which is implied by s->keybytes =3D=3D 16. so roun= ds
is 10 here as of aes_setupEnc(). given 4*(10+1) =3D=3D 48, so the buffer size holds.

--
cinap

--001a11448eaad4ff920546521eb4-- From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from duke.felloff.net ([216.126.196.34]) by ur; Tue Jan 17 17:55:27 EST 2017 Message-ID: <6501e889a4a9ae05341408b97f4faa93@felloff.net> Date: Tue, 17 Jan 2017 23:55:20 +0100 From: cinap_lenrek@felloff.net To: 9front@9front.org Subject: Re: [9front] out of bound access in libsec In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit List-ID: <9front.9front.org> List-Help: X-Glyph: ➈ X-Bullshit: stateless callback realtime-scale firewall grid > For 1) aesXCBCmac is an exported function thus it could get a broken > AESstate from the caller. thats not how aes works. the number of rounds depends on the key size. it would be really strange if someone broke that assumption. -- cinap