From 27f13eb527bd04599ed887d58bf2ad05c477ca02 Mon Sep 17 00:00:00 2001
From: Frank Denis <124872+jedisct1@users.noreply.github.com>
Date: Sat, 13 Feb 2021 03:10:40 +0100
Subject: [PATCH] libsodium: don't use the stack for potentially large data (#5190)

* libsodium: don't use the stack for potentially large data

Also check return codes of verification functions, and properly check the random implementation name.

* Add license headers
---
 projects/libsodium/fake_random.h | 16 ++++++++++++-
 projects/libsodium/secret_key_auth_fuzzer.cc | 19 ++++++++++++++-
 projects/libsodium/secretbox_easy_fuzzer.cc | 25 +++++++++++++++++---
 3 files changed, 55 insertions(+), 5 deletions(-)

diff --git a/projects/libsodium/fake_random.h b/projects/libsodium/fake_random.h
index 36d8d89ba..9519b0ce2 100644
--- a/projects/libsodium/fake_random.h
+++ b/projects/libsodium/fake_random.h
@@ -1,3 +1,17 @@
+// Copyright 2018 Google Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
 #ifndef FAKE_RANDOM_H_
 #define FAKE_RANDOM_H_
@@ -43,7 +57,7 @@ setup_fake_random(const unsigned char * seed, const size_t seed_size) {
 int fake_random_set = randombytes_set_implementation(&fake_random);
 assert(fake_random_set == 0);
- assert(randombytes_implementation_name() == "fake_random");
+ assert(strcmp(randombytes_implementation_name(), "fake_random") == 0);
 int initialized = sodium_init();
 assert(initialized >= 0);
 }
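Review bot: The new `strcmp` call in `setup_fake_random` has no matching include in this patch, because the only other hunk for fake_random.h adds the license header. The header's include list is outside the diff, so if it does not already pull in the declaration, the build depends on a transitive include from another header; adding `#include <string.h>` beside the existing includes makes the header self-contained. This matters because the assertion is what confirms the deterministic generator is installed, and without that generator the fuzzer's findings would presumably not reproduce from the same input. The start of `setup_fake_random` is outside the hunk.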
diff --git a/projects/libsodium/secret_key_auth_fuzzer.cc b/projects/libsodium/secret_key_auth_fuzzer.cc
index 32bb5fe83..ce46781f4 100644
--- a/projects/libsodium/secret_key_auth_fuzzer.cc
+++ b/projects/libsodium/secret_key_auth_fuzzer.cc
@@ -1,4 +1,19 @@
+// Copyright 2018 Google Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
 #include
+#include
 #include "fake_random.h"
@@ -16,6 +31,8 @@ extern "C" int LLVMFuzzerTestOneInput(const unsigned char *data, size_t size) {
 crypto_auth_keygen(key);
 crypto_auth(mac, data, size, key);
- crypto_auth_verify(mac, data, size, key);
+ int err = crypto_auth_verify(mac, data, size, key);
+ assert(err == 0);
+
 return 0;
 }
diff --git a/projects/libsodium/secretbox_easy_fuzzer.cc b/projects/libsodium/secretbox_easy_fuzzer.cc
index 4e25bcc7a..a37c88b6b 100644
--- a/projects/libsodium/secretbox_easy_fuzzer.cc
+++ b/projects/libsodium/secretbox_easy_fuzzer.cc
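Review bot: The `assert(err == 0)` added to `LLVMFuzzerTestOneInput` in secret_key_auth_fuzzer.cc only exists in builds without `NDEBUG`. If the harness is ever compiled with `-DNDEBUG`, the result of `crypto_auth_verify` is silently discarded again and `err` becomes an unused variable. The same holds for `assert(err == 0)` in secretbox_easy_fuzzer.cc and for the asserts in `setup_fake_random` in fake_random.h. A check that survives every build configuration is `if (err != 0) abort();`, which needs `<stdlib.h>`; the header name on the include line this patch adds is not legible on this page, so confirm it is covered. The function begins outside the hunk.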
@@ -1,4 +1,19 @@
+// Copyright 2018 Google Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
 #include
+#include
 #include "fake_random.h"
@@ -17,12 +32,16 @@ extern "C" int LLVMFuzzerTestOneInput(const unsigned char *data, size_t size) {
 randombytes_buf(nonce, sizeof nonce);
 size_t ciphertext_len = crypto_secretbox_MACBYTES + size;
- unsigned char ciphertext[ciphertext_len];
+ unsigned char *ciphertext = (unsigned char *) malloc(ciphertext_len);
 crypto_secretbox_easy(ciphertext, data, size, nonce, key);
- unsigned char decrypted[size];
- crypto_secretbox_open_easy(decrypted, ciphertext, ciphertext_len, nonce, key);
+ unsigned char *decrypted = (unsigned char *) malloc(size);
+ int err = crypto_secretbox_open_easy(decrypted, ciphertext, ciphertext_len, nonce, key);
+ assert(err == 0);
+
+ free((void *) ciphertext);
+ free((void *) decrypted);
 return 0;
 }
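Review bot: Both `malloc` results in the second hunk are handed to libsodium without a NULL check. An allocation failure would therefore surface as a NULL write inside `crypto_secretbox_easy` or `crypto_secretbox_open_easy` and be triaged as a library crash rather than a harness out-of-memory condition. Because `malloc(0)` may return NULL for an empty input, allocate `decrypted` with `malloc(size ? size : 1)` and follow the allocations with `if (ciphertext == NULL || decrypted == NULL) abort();`. The round trip also never compares the recovered plaintext with the input; `assert(memcmp(decrypted, data, size) == 0);` (needs `<string.h>`) would catch a decryption that returns 0 with the wrong bytes. `LLVMFuzzerTestOneInput` begins outside the hunk.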