NSS: SEED_CBC encryption out-of-bounds write
Categories
(NSS :: Libraries, defect, P1)
Tracking
(Not tracked)
People
(Reporter: guidovranken, Assigned: marcus.apb)
Details
(Keywords: csectype-bounds, sec-low, Whiteboard: [reporter-external] [client-bounty-form] [verif?])
Attachments
(2 files)
1.72 KB,
patch
|
Details | Diff | Splinter Review | |
47 bytes,
text/x-phabricator-request
|
Details | Review |
Tested against NSS trunk.
Compile and run the attached file to get:
=================================================================
==24042==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x6020000006f6 at pc 0x000000ac3111 bp 0x7ffe9b5248f0 sp 0x7ffe9b5248e8
WRITE of size 1 at 0x6020000006f6 thread T0
#0 0xac3110 in SEED_cbc_encrypt /home/jhg/nss/nss/out/Debug/../../lib/freebl/seed.c:451:24
#1 0xac42f4 in SEED_Encrypt /home/jhg/nss/nss/out/Debug/../../lib/freebl/seed.c:597:13
#2 0x6aaece in NSC_Encrypt /home/jhg/nss/nss/out/Debug/../../lib/softoken/pkcs11c.c:1479:10
#3 0x5eddd9 in PK11_Encrypt /home/jhg/nss/nss/out/Debug/../../lib/pk11wrap/pk11obj.c:979:11
#4 0x519165 in main /home/jhg/nss/cryptofuzz/poc_seed_cbc.cpp:46:5
#5 0x7f2dcf3b6b96 in __libc_start_main /build/glibc-OTsEL5/glibc-2.27/csu/../csu/libc-start.c:310
#6 0x41c679 in _start (/home/jhg/nss/cryptofuzz/a.out+0x41c679)
0x6020000006f6 is located 0 bytes to the right of 6-byte region [0x6020000006f0,0x6020000006f6)
allocated by thread T0 here:
#0 0x4dc530 in __interceptor_malloc (/home/jhg/nss/cryptofuzz/a.out+0x4dc530)
#1 0x518fd1 in main /home/jhg/nss/cryptofuzz/poc_seed_cbc.cpp:29:30
#2 0x7f2dcf3b6b96 in __libc_start_main /build/glibc-OTsEL5/glibc-2.27/csu/../csu/libc-start.c:310
Updated•5 years ago
|
Reporter | ||
Comment 1•5 years ago
|
||
I don't know if this is in scope or can be reached through Firefox. Unless there is a bug in my code, it's best that it gets fixed though. My apologies if I unduly filed this report under your bug bounty program.
Updated•5 years ago
|
Comment 2•5 years ago
|
||
I don't see a pref for the SEED cipher in about:config so I guess we've disabled it in Firefox? I see bugs for enabling it ~2009 but I don't see where we turned it off.
Comment 4•5 years ago
|
||
Looks like for TLS, it's disabled by default in NSS and Firefox (where it was removed in Bug 934663). Telemetry confirms this.
Any other software using NSS that allows arbitrary mechanisms to PK11_Encrypt could select it, however.
Updated•5 years ago
|
Assignee | ||
Updated•5 years ago
|
Assignee | ||
Comment 5•5 years ago
|
||
Assignee | ||
Comment 6•5 years ago
|
||
This error is caused when the output buffer hasn't enough memory allocated.
Inserted a test to return SECFailure in this case.
Comment 7•5 years ago
|
||
I don't think this needs uplift to ESR or Beta, but if you disagree please push back.
Assuming no uplift, let's land it this week.
Updated•5 years ago
|
Comment 8•5 years ago
|
||
Reporter | ||
Comment 9•5 years ago
|
||
I suppose this is not eligible for a bounty because it doesn't affect Firefox?
Comment 10•5 years ago
|
||
We'll let the bounty team make a determination.
Updated•5 years ago
|
Comment 11•5 years ago
|
||
(In reply to Guido Vranken from comment #9)
I suppose this is not eligible for a bounty because it doesn't affect Firefox?
Unfortunately correct, but we will add you to our Hall of Fame page.
Updated•4 years ago
|
Description
•