Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Backport 2.28: Fix uninitialised memory access in constant time functions #5859

Merged
merged 1 commit into from
Jun 1, 2022
Merged

Backport 2.28: Fix uninitialised memory access in constant time functions #5859

merged 1 commit into from
Jun 1, 2022

Conversation

paul-elliott-arm
Copy link
Member

Description

Fix an issue reported by Coverity whereby some constant time functions called from the ssl decrypt code could potentially access uninitialised memory, by zeroing memory in two of the places where this function is used.

Add a note to mbedtls_ct_memcpy_if_eq() documentation to warn that it reads from the buffer as well as writing to it. Note that no decisions are taken as a result of the uninitialised data, but obviously its still not best practice.

This is a backport of #5829

Status

READY

Migrations

NO

Additional comments

As we are not trying to hide the length that will be copied, I used memset to zero the target buffers. I hope this is not too out of place in constant_time.c, and will re-write if people feel that it is.

Todos

  • Tests
  • Documentation
  • Changelog updated

Steps to test or reproduce

test_suite_ssl should run clean.

@paul-elliott-arm
Fix uninitialised memory access in constant time functions
b830028 
Fix an issue reported by Coverity whereby some constant time functions
called from the ssl decrypt code could potentially access uninitialised
memory.

Signed-off-by: Paul Elliott <[email protected]>
@paul-elliott-arm paul-elliott-arm self-assigned this May 19, 2022
@paul-elliott-arm paul-elliott-arm added bug needs-review Every commit must be reviewed by at least two team members, needs-reviewer This PR needs someone to pick it up for review size-s Estimated task size: small (~2d) priority-medium Medium priority - this can be reviewed as time permits labels May 19, 2022
@daverodgman daverodgman self-requested a review May 20, 2022 16:36
@paul-elliott-arm paul-elliott-arm changed the title Fix uninitialised memory access in constant time functions Backport 2.28: Fix uninitialised memory access in constant time functions May 30, 2022
@paul-elliott-arm paul-elliott-arm mentioned this pull request May 30, 2022
Merged
3 tasks
@gilles-peskine-arm gilles-peskine-arm removed needs-review Every commit must be reviewed by at least two team members, needs-reviewer This PR needs someone to pick it up for review labels Jun 1, 2022
@gilles-peskine-arm gilles-peskine-arm merged commit 7bda291 into Mbed-TLS:mbedtls-2.28 Jun 1, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@tom-cosgrove-arm tom-cosgrove-arm tom-cosgrove-arm approved these changes

@gilles-peskine-arm gilles-peskine-arm gilles-peskine-arm approved these changes

@daverodgman daverodgman daverodgman approved these changes

Assignees

@paul-elliott-arm paul-elliott-arm

Labels
bug priority-medium Medium priority - this can be reviewed as time permits size-s Estimated task size: small (~2d)
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@paul-elliott-arm @daverodgman @gilles-peskine-arm @tom-cosgrove-arm