CASE allocates memory based on wire-provided sizes without sound bounds #8924
Assignees
Labels
Comments
tcarmelveilleux
added a commit
to tcarmelveilleux/connectedhomeip
that referenced
this issue
Aug 12, 2021
- Caller and callee code for Sigma2/Sigma3 salt
generation need to stay in sync for correct
usage. If salt buffer grows, but output doesn't
it can cause garbage data to be used since the
salt output MutableByteSpan is assumed correct-sized
rather than ensured to be of correct size.
- This change makes use of the computed final size
to make sure it stays in sync.
- This change also cleans-up:
- Random value buffers on heap now on stack
- Opcert buffers reduced on stack
- No longer trusting some sizes on wire where
a max buffer size on stack is used
- De-uint16-ify several variables
- Reduce scope of HKDF for SR2K/SR3K
- Remove some superfluous size variables
Testing done: cert tests and unit tests run successfully
Fixes: project-chip#8913
Issue: project-chip#8924
andy31415
pushed a commit
that referenced
this issue
Aug 13, 2021
* Properly set CASE salt span sizes and CASE cleanups
- Caller and callee code for Sigma2/Sigma3 salt
generation need to stay in sync for correct
usage. If salt buffer grows, but output doesn't
it can cause garbage data to be used since the
salt output MutableByteSpan is assumed correct-sized
rather than ensured to be of correct size.
- This change makes use of the computed final size
to make sure it stays in sync.
- This change also cleans-up:
- Random value buffers on heap now on stack
- Opcert buffers reduced on stack
- No longer trusting some sizes on wire where
a max buffer size on stack is used
- De-uint16-ify several variables
- Reduce scope of HKDF for SR2K/SR3K
- Remove some superfluous size variables
Testing done: cert tests and unit tests run successfully
Fixes: #8913
Issue: #8924
* Restyled by clang-format
* Restyled by clang-format
* Add comment per @msandstedt
Co-authored-by: Restyled.io <[email protected]>
nikita-s-wrk
pushed a commit
to nikita-s-wrk/connectedhomeip
that referenced
this issue
Sep 23, 2021
* Properly set CASE salt span sizes and CASE cleanups
- Caller and callee code for Sigma2/Sigma3 salt
generation need to stay in sync for correct
usage. If salt buffer grows, but output doesn't
it can cause garbage data to be used since the
salt output MutableByteSpan is assumed correct-sized
rather than ensured to be of correct size.
- This change makes use of the computed final size
to make sure it stays in sync.
- This change also cleans-up:
- Random value buffers on heap now on stack
- Opcert buffers reduced on stack
- No longer trusting some sizes on wire where
a max buffer size on stack is used
- De-uint16-ify several variables
- Reduce scope of HKDF for SR2K/SR3K
- Remove some superfluous size variables
Testing done: cert tests and unit tests run successfully
Fixes: project-chip#8913
Issue: project-chip#8924
* Restyled by clang-format
* Restyled by clang-format
* Add comment per @msandstedt
Co-authored-by: Restyled.io <[email protected]>
andy31415
added
v1_triage_split_9
secure channel
V1.0
security
and removed
secure channel
V1.0
security
labels
|
@tcarmelveilleux I see that a few PRs were merged referencing this. Is the issue fixed? |
|
Marking as closed, please re-open if still an issue. |
|
This is still an issue, as far as I can see. For example, CASESession::HandleSigma2 still does this: |
tcarmelveilleux
added a commit
to tcarmelveilleux/connectedhomeip
that referenced
this issue
Apr 12, 2022
- CASE was using direct lengths of TLV values to allocate heap values, without validations. - Added validations on lengths of Sigma2/3 TBE, with some room to grow - Updated tag order validation logic to be more explicit and easier to read. Fixes project-chip#8924 Test done: - Cert tests still pass - Unit tests still pass
tcarmelveilleux
added a commit
to tcarmelveilleux/connectedhomeip
that referenced
this issue
Apr 12, 2022
- CASE was using direct lengths of TLV values to allocate heap values, without validations. - Added validations on lengths of Sigma2/3 TBE, with some room to grow - Updated tag order validation logic to be more explicit and easier to read. Fixes project-chip#8924 Test done: - Cert tests still pass - Unit tests still pass
tcarmelveilleux
added a commit
that referenced
this issue
Apr 13, 2022
* Stop allocating CASE buffer based on wire sizes - CASE was using direct lengths of TLV values to allocate heap values, without validations. - Added validations on lengths of Sigma2/3 TBE, with some room to grow - Updated tag order validation logic to be more explicit and easier to read. Fixes #8924 Test done: - Cert tests still pass - Unit tests still pass * Restyled by clang-format Co-authored-by: Restyled.io <[email protected]>
andrei-menzopol
pushed a commit
to andrei-menzopol/connectedhomeip
that referenced
this issue
Apr 14, 2022
* Stop allocating CASE buffer based on wire sizes - CASE was using direct lengths of TLV values to allocate heap values, without validations. - Added validations on lengths of Sigma2/3 TBE, with some room to grow - Updated tag order validation logic to be more explicit and easier to read. Fixes project-chip#8924 Test done: - Cert tests still pass - Unit tests still pass * Restyled by clang-format Co-authored-by: Restyled.io <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Problem
In CASESession.cpp, there exists several usage of the following pattern:
VerifyOrExit(msg_R2_Encrypted.Alloc(tlvReader.GetLength()), err = CHIP_ERROR_NO_MEMORY);This assumes in many places that
tlvReader.GetLength()is not a huge value (or contextually large value), even though only certain values are permissible.Proposed Solution
All usage of
tlvReader.GetLength()for allocations should be audited and each one should be validated against a valid upper bound for the size of the value being read, within practical limits.The text was updated successfully, but these errors were encountered: