Bug 204009 - [patch] buffer overflow when zerokey in AES ICM
Summary: [patch] buffer overflow when zerokey in AES ICM
Status: Closed FIXED
Alias: None
Product: Base System
Classification: Unclassified
Component: kern
Version: CURRENT
Hardware: Any Any
: --- Affects Only Me
Assignee: freebsd-bugs (Nobody)
URL:
Keywords: patch
Depends on:
Blocks:
Reported: 2015-10-25 09:27 UTC by luke.tw
Modified: 2016-08-08 19:43 UTC

See Also:


Attachments
AES ICM zerokey patch (323 bytes, patch)
2015-10-25 09:27 UTC, luke.tw

Description luke.tw 2015-10-25 09:27:01 UTC
Created attachment 162438
AES ICM zerokey patch

* buffer allocation: malloc() 260 bytes

    sched = malloc(sizeof(struct aes_icm_ctx), M_CRYPTO_DATA, M_NOWAIT | M_ZERO);

aes_icm_setkey() at aes_icm_setkey+0x67/frame 0xfffffe0616f8c340
swcr_newsession() at swcr_newsession+0x3b8/frame 0xfffffe0616f8c390
crypto_newsession() at crypto_newsession+0x1e9/frame 0xfffffe0616f8c3e0
esp_init() at esp_init+0x308/frame 0xfffffe0616f8c480
key_setsaval() at key_setsaval+0x2ba/frame 0xfffffe0616f8c4c0
key_newsav() at key_newsav+0xe4/frame 0xfffffe0616f8c500
key_add() at key_add+0x51f/frame 0xfffffe0616f8c5a0
key_parse() at key_parse+0x8cd/frame 0xfffffe0616f8c790
sosend_generic() at sosend_generic+0x42f/frame 0xfffffe0616f8c850
kern_sendit() at kern_sendit+0x21b/frame 0xfffffe0616f8c900
sendit() at sendit+0x126/frame 0xfffffe0616f8c950
sys_sendto() at sys_sendto+0x4d/frame 0xfffffe0616f8c9a0
amd64_syscall() at amd64_syscall+0x2de/frame 0xfffffe0616f8cab0
Xfast_syscall() at Xfast_syscall+0xfb/frame 0xfffffe0616f8cab0


* buffer overflow: bzero() 488 bytes

    bzero(*sched, sizeof(rijndael_ctx));

rijndael128_zerokey() at rijndael128_zerokey+0x26/frame 0xfffffe0616f8c400
swcr_freesession_locked() at swcr_freesession_locked+0x81/frame 0xfffffe0616f8c430
swcr_freesession() at swcr_freesession+0x29/frame 0xfffffe0616f8c450
crypto_freesession() at crypto_freesession+0xc1/frame 0xfffffe0616f8c490
ah_zeroize() at ah_zeroize+0x2e/frame 0xfffffe0616f8c4b0
esp_zeroize() at esp_zeroize+0xf/frame 0xfffffe0616f8c4d0
key_cleansav() at key_cleansav+0x1c/frame 0xfffffe0616f8c4f0
key_delsav() at key_delsav+0x5d/frame 0xfffffe0616f8c510
_key_freesp() at _key_freesp+0xaf/frame 0xfffffe0616f8c550
key_spdflush() at key_spdflush+0x1a7/frame 0xfffffe0616f8c5a0
key_parse() at key_parse+0x8cd/frame 0xfffffe0616f8c790
sosend_generic() at sosend_generic+0x42f/frame 0xfffffe0616f8c850
kern_sendit() at kern_sendit+0x21b/frame 0xfffffe0616f8c900
sendit() at sendit+0x126/frame 0xfffffe0616f8c950
sys_sendto() at sys_sendto+0x4d/frame 0xfffffe0616f8c9a0
amd64_syscall() at amd64_syscall+0x2de/frame 0xfffffe0616f8cab0
Xfast_syscall() at Xfast_syscall+0xfb/frame 0xfffffe0616f8cab0
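The size mismatch the report describes, as an added example: the two struct definitions are constructed stand-ins whose sizes match the 260 and 488 bytes given above, and the bounded wipe is an illustrative hardening, not FreeBSD's code and not the fix committed in r303650.

```c
#include <stdint.h>
#include <stdlib.h>

/* Constructed stand-ins for the two kernel structs (assumption: field
 * layouts chosen so the sizes match the report, 260 and 488 bytes). */
#define RIJNDAEL_MAXNR   14
#define AESICM_BLOCKSIZE 16

typedef struct {
    int      decrypt;
    int      Nr;
    uint32_t ek[4 * (RIJNDAEL_MAXNR + 1)];
    uint32_t dk[4 * (RIJNDAEL_MAXNR + 1)];
} rijndael_ctx;                 /* 488 bytes: what bzero() was told to wipe */

struct aes_icm_ctx {
    uint32_t ac_ek[4 * (RIJNDAEL_MAXNR + 1)];
    uint8_t  ac_block[AESICM_BLOCKSIZE];
    int      ac_nr;
};                              /* 260 bytes: what malloc() actually gave */

size_t icm_alloc_size(void)     { return sizeof(struct aes_icm_ctx); }
size_t wrong_zeroize_size(void) { return sizeof(rijndael_ctx); }

/* Bounded key wipe: refuses any length beyond the object's allocation
 * instead of scribbling past it. Writes through a volatile pointer so
 * the compiler keeps the wipe (the kernel has explicit_bzero(9) for this).
 * Returns 0 on success, -1 if wipe_len would overrun the object. */
int zeroize_bounded(void *obj, size_t obj_size, size_t wipe_len)
{
    if (wipe_len > obj_size)
        return -1;
    volatile uint8_t *p = obj;
    for (size_t i = 0; i < wipe_len; i++)
        p[i] = 0;
    return 0;
}

/* Release a context with the wipe length tied to the pointer's own type,
 * so allocation and zeroize cannot disagree; NULLs the caller's pointer. */
int aes_icm_ctx_free(struct aes_icm_ctx **ctxp)
{
    if (*ctxp == NULL)
        return 0;
    int rc = zeroize_bounded(*ctxp, sizeof(**ctxp), sizeof(**ctxp));
    free(*ctxp);
    *ctxp = NULL;
    return rc;
}
```

Calling zeroize_bounded with sizeof(rijndael_ctx) on an aes_icm_ctx allocation is rejected, which is the 228-byte overrun the reporter's bzero() line would otherwise write.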
Comment 1 commit-hook 2016-08-01 22:57:58 UTC
A commit references this bug:

Author: cem
Date: Mon Aug  1 22:57:03 UTC 2016
New revision: 303650
URL: https://svnweb.freebsd.org/changeset/base/303650

Log:
  opencrypto AES-ICM: Fix heap corruption typo

  This error looks like it was a simple copy-paste typo in the original commit
  for this code (r275732).

  PR:		204009
  Reported by:	Chang-Hsien Tsai <luke.tw AT gmail.com>
  Sponsored by:	EMC / Isilon Storage Division

Changes:
  head/sys/opencrypto/xform_aes_icm.c
Comment 2 Conrad Meyer 2016-08-01 23:07:48 UTC
Thanks!
Comment 3 commit-hook 2016-08-08 19:43:48 UTC
A commit references this bug:

Author: bdrewery
Date: Mon Aug  8 19:43:07 UTC 2016
New revision: 303849
URL: https://svnweb.freebsd.org/changeset/base/303849

Log:
  MFC r303650:

    opencrypto AES-ICM: Fix heap corruption typo

  PR:		204009
  Approved by:	re (kib)

Changes:
_U  stable/11/
  stable/11/sys/opencrypto/xform_aes_icm.c