Closed Bug 1749475 Opened 2 years ago Closed 2 years ago

Undefined-shift in ssl_FindServerCert

Categories

(NSS :: Libraries, enhancement, P5)

Product:
NSS
Component:
Libraries
Version:
3.54
Type:
enhancement

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: weiwei.tian, Assigned: jschanck)

Details

Attachments

(2 files)

fusiontest-testcase-tls-server-202108090002
489 bytes, application/octet-stream
Details
Bug 1749475 - Avoid undefined shift in SSL_CERT_IS while fuzzing. r=#nss-reviewers
48 bytes, text/x-phabricator-request
Details | Review

User Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.55 Safari/537.36 Edg/96.0.1054.43

Steps to reproduce:

Running: fusiontest-testcase-tls-server-202108090002
../../lib/ssl/sslcert.c:212:14: runtime error: shift exponent 255 is too large for 32-bit type 'int'
#0 0x46f251 in ssl_FindServerCert /src/nss/out/Debug/../../lib/ssl/sslcert.c:212:14
#1 0x4958e3 in tls13_CanResume /src/nss/out/Debug/../../lib/ssl/tls13con.c:1402:10
#2 0x4948d9 in tls13_HandleClientHelloPart2 /src/nss/out/Debug/../../lib/ssl/tls13con.c:1900:14
#3 0x4cee1f in ssl3_HandleClientHello /src/nss/out/Debug/../../lib/ssl/ssl3con.c:8879:14
#4 0x4cd8ef in ssl3_HandleHandshakeMessage /src/nss/out/Debug/../../lib/ssl/ssl3con.c:12096:18
#5 0x4d17a5 in ssl3_HandleHandshake /src/nss/out/Debug/../../lib/ssl/ssl3con.c:12282:18
#6 0x4d055e in ssl3_HandleNonApplicationData /src/nss/out/Debug/../../lib/ssl/ssl3con.c:12807:22
#7 0x4d26d6 in ssl3_HandleRecord /src/nss/out/Debug/../../lib/ssl/ssl3con.c:13105:12
#8 0x4eae08 in ssl3_GatherCompleteHandshake /src/nss/out/Debug/../../lib/ssl/ssl3gthr.c:523:18
#9 0x4ee31c in ssl_GatherRecord1stHandshake /src/nss/out/Debug/../../lib/ssl/sslcon.c:73:10
#10 0x474ac3 in ssl_Do1stHandshake /src/nss/out/Debug/../../lib/ssl/sslsecur.c:42:14
#11 0x476442 in SSL_ForceHandshake /src/nss/out/Debug/../../lib/ssl/sslsecur.c:386:14
#12 0x438317 in DoHandshake(PRFileDesc*, bool) /src/nss/out/Debug/../../fuzz/tls_common.cc:44:10
#13 0x42e492 in LLVMFuzzerTestOneInput /src/nss/out/Debug/../../fuzz/tls_server_target.cc:123:3
#14 0x830ff3 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:599:15
#15 0x81c762 in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:323:6
#16 0x82242e in fuzzer::FuzzerDriver(int*, char***, int ()(unsigned char const, unsigned long)) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:856:9
#17 0x84bec2 in main /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerMain.cpp:20:10
#18 0x7feb537e1b26 in __libc_start_main (/lib64/libc.so.6+0x25b26)
#19 0x40a369 in _start (/opt/oss-fuzz/build/out/nss/tls-server+0x40a369)

DEDUP_TOKEN: ssl_FindServerCert--tls13_CanResume--tls13_HandleClientHelloPart2
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior ../../lib/ssl/sslcert.c:212:14 in

Component: CA Certificates Code → Libraries

This is not really a defect, for the same reason that Martin gave in Bug 1749476. But I reviewed our use of the SSL_CERT_IS macro where the UB was triggered, and I think this instance in ssl_FindServerCert is the only one that a fuzzer might trip over. In the interest of having fewer false positives while fuzzing, I'll add some input validation.

Assignee: nobody → jschanck
Severity: -- → S4
Status: UNCONFIRMED → ASSIGNED
Type: defect → enhancement
Ever confirmed: true
Priority: -- → P5

https://hg.mozilla.org/projects/nss/rev/c98fc11fb685110f2dde22535e41bb80447eb19e

Status: ASSIGNED → RESOLVED
Closed: 2 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: