CVE-2021-3634: Create a separate length for session_id

Normally, the length of session_id and secret_hash is the same, but if we will get into rekeying with a peer that changes preference of key exchange algorithm, the new secret hash can be larger or smaller than the previous session_id causing invalid reads or writes. Resolves https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=35485 Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2025-07-31 00:03:07 +03:00 · 2021-06-23 13:16:33 +02:00
parent a3b2229a4e
commit f5211239f9
10 changed files with 23 additions and 18 deletions
--- a/tests/unittests/torture_session_keys.c
+++ b/tests/unittests/torture_session_keys.c
@ -48,8 +48,9 @@ struct ssh_cipher_struct fake_out_cipher = {
 };

 struct ssh_crypto_struct test_crypto = {
-    .digest_len = 32,
+    .session_id_len = 32,
    .session_id = secret,
+    .digest_len = 32,
    .secret_hash = secret,
    .in_cipher = &fake_in_cipher,
    .out_cipher = &fake_out_cipher,