lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-08-08 17:42:09 +03:00
Code Activity

Ensure ctr_drbg is initialised every time

Browse Source 
ctr_drbg is a local variable and thus needs initialisation every time
LLVMFuzzerTestOneInput() is called, the rest of the variables inside the
if(initialised) block are all static.

Add extra validation to attempt to catch this issue in future.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
This commit is contained in:
Paul Elliott
2022-02-10 18:15:42 +00:00
parent 1ab2d6966c
commit 00738bf65e
2 changed files with 8 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
library/aes.c
View File

@@ -971,6 +971,7 @@ int mbedtls_aes_crypt_ecb( mbedtls_aes_context *ctx,
unsigned char output[16] ) unsigned char output[16] )
{ {
AES_VALIDATE_RET( ctx != NULL ); AES_VALIDATE_RET( ctx != NULL );
AES_VALIDATE_RET( ctx->rk != NULL );
AES_VALIDATE_RET( input != NULL ); AES_VALIDATE_RET( input != NULL );
AES_VALIDATE_RET( output != NULL ); AES_VALIDATE_RET( output != NULL );
AES_VALIDATE_RET( mode == MBEDTLS_AES_ENCRYPT || AES_VALIDATE_RET( mode == MBEDTLS_AES_ENCRYPT ||

13
programs/fuzz/fuzz_server.c
View File

@@ -55,13 +55,14 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
} }
options = Data[Size - 1]; options = Data[Size - 1];
if (initialized == 0) { mbedtls_ctr_drbg_init( &ctr_drbg );
mbedtls_ctr_drbg_init( &ctr_drbg ); mbedtls_entropy_init( &entropy );
mbedtls_entropy_init( &entropy );
if( mbedtls_ctr_drbg_seed( &ctr_drbg, dummy_entropy, &entropy, if( mbedtls_ctr_drbg_seed( &ctr_drbg, dummy_entropy, &entropy,
(const unsigned char *) pers, strlen( pers ) ) != 0 ) ( const unsigned char * ) pers, strlen( pers ) ) != 0 )
return 1; return 1;
if (initialized == 0) {
#if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C) #if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C)
mbedtls_x509_crt_init( &srvcert ); mbedtls_x509_crt_init( &srvcert );