Package: libwolfssl30
Version: 5.0.0-1+b1
Severity: important

Dear Maintainer,

the unit test for WolfSSL hashing in GNU Wget2 crashes.
Valgrind reports a buffer overflow.

This can be reproduced with this little C code:
#include <stdlib.h>
#define WOLFSSL_SHA512
#define WC_NO_HARDEN
#include <wolfssl/wolfcrypt/hash.h>
int main(void)
{
        wc_HashAlg *h = malloc(sizeof(wc_HashAlg));
        wc_HashInit(h, WC_HASH_TYPE_SHA512);
        return 0;
}

Compile it with 'gcc -g -O0 sha512_overflow.c -o sha512_overflow -lwolfssl'
and run it with 'valgrind ./sha512_overflow'.

Valgrind output:
==1781168== Invalid write of size 4
==1781168==    at 0x48DCEB1: wc_InitSha512_ex (in /usr/lib/x86_64-linux-gnu/libwolfssl.so.30.0.0)
==1781168==    by 0x10916F: main (sha512_overflow.c:11)
==1781168==  Address 0x4e27120 is 0 bytes after a block of size 224 alloc'd
==1781168==    at 0x483F7B5: malloc (in /usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so)
==1781168==    by 0x10915A: main (sha512_overflow.c:9)
==1781168== 
==1781168== Invalid write of size 8
==1781168==    at 0x48DCEB7: wc_InitSha512_ex (in /usr/lib/x86_64-linux-gnu/libwolfssl.so.30.0.0)
==1781168==    by 0x10916F: main (sha512_overflow.c:11)
==1781168==  Address 0x4e27128 is 8 bytes after a block of size 224 alloc'd
==1781168==    at 0x483F7B5: malloc (in /usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so)
==1781168==    by 0x10915A: main (sha512_overflow.c:9)
==1781168== 
==1781168== Invalid write of size 4
==1781168==    at 0x48DCEE2: wc_InitSha512_ex (in /usr/lib/x86_64-linux-gnu/libwolfssl.so.30.0.0)
==1781168==    by 0x10916F: main (sha512_overflow.c:11)
==1781168==  Address 0x4e27130 is 16 bytes after a block of size 224 alloc'd
==1781168==    at 0x483F7B5: malloc (in /usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so)
==1781168==    by 0x10915A: main (sha512_overflow.c:9)

The code so far worked with WolfSSL versions < 5.0.0 (e.g. libwolfssl24).

Regards, Tim

-- System Information:
Debian Release: bookworm/sid
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.15.0-2-amd64 (SMP w/12 CPU threads)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages libwolfssl30 depends on:
ii  libc6  2.33-1

libwolfssl30 recommends no packages.

libwolfssl30 suggests no packages.

-- no debconf information
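
Added triage example, not part of the original report or of wolfSSL: it reads memcheck "Invalid write ... bytes after a block of size N" records and computes how far past the caller's allocation the callee wrote. The function names are hypothetical; the sample is the error and Address lines from the Valgrind output above, with stack frames left out.

```python
import re

# Error headers and their "Address ..." lines copied from the Valgrind output
# in the report above; the stack-frame lines are omitted.
SAMPLE = """\
==1781168== Invalid write of size 4
==1781168==  Address 0x4e27120 is 0 bytes after a block of size 224 alloc'd
==1781168== Invalid write of size 8
==1781168==  Address 0x4e27128 is 8 bytes after a block of size 224 alloc'd
==1781168== Invalid write of size 4
==1781168==  Address 0x4e27130 is 16 bytes after a block of size 224 alloc'd
"""

ACCESS = re.compile(r"Invalid (read|write) of size (\d+)")
WHERE = re.compile(r"Address 0x[0-9a-fA-F]+ is (\d+) bytes after a block of size (\d+)")

def overruns(log):
    """Yield (kind, access_size, offset_past_end, block_size) per memcheck error."""
    pending = None
    for line in log.splitlines():
        m = ACCESS.search(line)
        if m:
            pending = (m.group(1), int(m.group(2)))
            continue
        m = WHERE.search(line)
        if m and pending:
            yield pending[0], pending[1], int(m.group(1)), int(m.group(2))
            pending = None

def summarize(log):
    """Group by allocated block size (a simplification: distinct blocks of the
    same size are merged) and report how many bytes past the end were touched."""
    out = {}
    for _kind, size, offset, block in overruns(log):
        s = out.setdefault(block, {"errors": 0, "past_end": 0})
        s["errors"] += 1
        s["past_end"] = max(s["past_end"], offset + size)
    for block, s in out.items():
        # The callee treats the object as at least this many bytes long.
        s["min_object_size"] = block + s["past_end"]
    return out

if __name__ == "__main__":
    for block, s in summarize(SAMPLE).items():
        print(f"block of {block} bytes: {s['errors']} invalid accesses, "
              f"reaching {s['past_end']} bytes past the end; "
              f"callee needs at least {s['min_object_size']} bytes")
```

For the three records shown, the writes reach 20 bytes past the 224-byte block, so wc_InitSha512_ex is treating the object as at least 244 bytes long.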
