From: "Daniel P. Berrangé" <berrange@redhat.com>
To: qemu-devel@nongnu.org
Cc: "Daniel P. Berrangé" <berrange@redhat.com>,
"Dorjoy Chowdhury" <dorjoychy111@gmail.com>
Subject: [PATCH 1/2] crypto/hash: avoid overwriting user supplied result pointer
Date: Tue, 15 Oct 2024 13:56:28 +0100 [thread overview]
Message-ID: <20241015125629.301367-2-berrange@redhat.com> (raw)
In-Reply-To: <20241015125629.301367-1-berrange@redhat.com>
If the user provides a pre-allocated buffer for the hash result,
we must use that rather than re-allocating a new buffer.
Reported-by: Dorjoy Chowdhury <dorjoychy111@gmail.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
---
crypto/hash-gcrypt.c | 15 ++++++++++++---
crypto/hash-glib.c | 11 +++++++++--
crypto/hash-gnutls.c | 16 +++++++++++++---
crypto/hash-nettle.c | 14 +++++++++++---
4 files changed, 45 insertions(+), 11 deletions(-)
diff --git a/crypto/hash-gcrypt.c b/crypto/hash-gcrypt.c
index ccc3cce3f8..73533a4949 100644
--- a/crypto/hash-gcrypt.c
+++ b/crypto/hash-gcrypt.c
@@ -103,16 +103,25 @@ int qcrypto_gcrypt_hash_finalize(QCryptoHash *hash,
size_t *result_len,
Error **errp)
{
+ int ret;
unsigned char *digest;
gcry_md_hd_t *ctx = hash->opaque;
- *result_len = gcry_md_get_algo_dlen(qcrypto_hash_alg_map[hash->alg]);
- if (*result_len == 0) {
+ ret = gcry_md_get_algo_dlen(qcrypto_hash_alg_map[hash->alg]);
+ if (ret == 0) {
error_setg(errp, "Unable to get hash length");
return -1;
}
- *result = g_new(uint8_t, *result_len);
+ if (*result_len == 0) {
+ *result_len = ret;
+ *result = g_new(uint8_t, *result_len);
+ } else if (*result_len != ret) {
+ error_setg(errp,
+ "Result buffer size %zu is smaller than hash %d",
+ *result_len, ret);
+ return -1;
+ }
/* Digest is freed by gcry_md_close(), copy it */
digest = gcry_md_read(*ctx, 0);
diff --git a/crypto/hash-glib.c b/crypto/hash-glib.c
index 02a6ec1edf..809cef98ae 100644
--- a/crypto/hash-glib.c
+++ b/crypto/hash-glib.c
@@ -99,8 +99,15 @@ int qcrypto_glib_hash_finalize(QCryptoHash *hash,
return -1;
}
- *result_len = ret;
- *result = g_new(uint8_t, *result_len);
+ if (*result_len == 0) {
+ *result_len = ret;
+ *result = g_new(uint8_t, *result_len);
+ } else if (*result_len != ret) {
+ error_setg(errp,
+ "Result buffer size %zu is smaller than hash %d",
+ *result_len, ret);
+ return -1;
+ }
g_checksum_get_digest(ctx, *result, result_len);
return 0;
diff --git a/crypto/hash-gnutls.c b/crypto/hash-gnutls.c
index 34a63994c9..99fbe824ea 100644
--- a/crypto/hash-gnutls.c
+++ b/crypto/hash-gnutls.c
@@ -115,14 +115,24 @@ int qcrypto_gnutls_hash_finalize(QCryptoHash *hash,
Error **errp)
{
gnutls_hash_hd_t *ctx = hash->opaque;
+ int ret;
- *result_len = gnutls_hash_get_len(qcrypto_hash_alg_map[hash->alg]);
- if (*result_len == 0) {
+ ret = gnutls_hash_get_len(qcrypto_hash_alg_map[hash->alg]);
+ if (ret == 0) {
error_setg(errp, "Unable to get hash length");
return -1;
}
- *result = g_new(uint8_t, *result_len);
+ if (*result_len == 0) {
+ *result_len = ret;
+ *result = g_new(uint8_t, *result_len);
+ } else if (*result_len != ret) {
+ error_setg(errp,
+ "Result buffer size %zu is smaller than hash %d",
+ *result_len, ret);
+ return -1;
+ }
+
gnutls_hash_output(*ctx, *result);
return 0;
}
diff --git a/crypto/hash-nettle.c b/crypto/hash-nettle.c
index 3b847aa60e..c78624b347 100644
--- a/crypto/hash-nettle.c
+++ b/crypto/hash-nettle.c
@@ -150,9 +150,17 @@ int qcrypto_nettle_hash_finalize(QCryptoHash *hash,
Error **errp)
{
union qcrypto_hash_ctx *ctx = hash->opaque;
-
- *result_len = qcrypto_hash_alg_map[hash->alg].len;
- *result = g_new(uint8_t, *result_len);
+ int ret = qcrypto_hash_alg_map[hash->alg].len;
+
+ if (*result_len == 0) {
+ *result_len = ret;
+ *result = g_new(uint8_t, *result_len);
+ } else if (*result_len != ret) {
+ error_setg(errp,
+ "Result buffer size %zu is smaller than hash %d",
+ *result_len, ret);
+ return -1;
+ }
qcrypto_hash_alg_map[hash->alg].result(ctx, *result_len, *result);
--
2.46.0
next prev parent reply other threads:[~2024-10-15 12:57 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-10-15 12:56 [PATCH 0/2] crypto: fix regression in hash result buffer handling Daniel P. Berrangé
2024-10-15 12:56 ` Daniel P. Berrangé [this message]
2024-10-15 14:13 ` [PATCH 1/2] crypto/hash: avoid overwriting user supplied result pointer Dorjoy Chowdhury
2024-10-15 12:56 ` [PATCH 2/2] tests: correctly validate result buffer in hash/hmac tests Daniel P. Berrangé
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20241015125629.301367-2-berrange@redhat.com \
--to=berrange@redhat.com \
--cc=dorjoychy111@gmail.com \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.