Closed
Bug 650272
Opened 13 years ago
Closed 13 years ago
seckey functions call memset with sizeof(pointer) instead of sizeof(*pointer)
Categories
(NSS :: Libraries, defect)
NSS
Libraries
Tracking
(Not tracked)
RESOLVED
FIXED
3.12.10
People
(Reporter: timeless, Unassigned)
References
()
Details
(Keywords: coverity)
Attachments
(1 file, 1 obsolete file)
|
930 bytes,
patch
|
KaiE
:
review+
nelson
:
review+
|
Details | Diff | Splinter Review |
http://mxr.mozilla.org/security/source/security/nss/lib/cryptohi/seckey.c?mark=2257,2267-2267#2245 2245 SECKEY_DestroyPrivateKeyInfo(SECKEYPrivateKeyInfo *pvk, this is correct: 2257 PORT_Memset((char *)pvk, 0, sizeof(*pvk)); this is wrong: 2267 PORT_Memset((char *)pvk, 0, sizeof(pvk)); accounting note: COV5.3/BAD_SIZEOF/OU/19137
2276 SECKEY_DestroyEncryptedPrivateKeyInfo(SECKEYEncryptedPrivateKeyInfo *epki, looks ok: 2288 PORT_Memset((char *)epki, 0, sizeof(*epki)); looks wrong: 2297 PORT_Memset((char *)epki, 0, sizeof(epki)); accounting note: COV5.3/BAD_SIZEOF/OU/19135
Summary: SECKEY_DestroyPrivateKeyInfo once calls memset with sizeof(pvk) instead of sizeof(*pvk) → seckey functions call memset with sizeof(pointer) instead of sizeof(*pointer)
|
||
Comment 2•13 years ago
|
||
Patch as described in comment #0 and #1
Attachment #526249 -
Flags: review?(kaie)
|
|
||
Comment 3•13 years ago
|
||
Adding kai so he can at least read the bug - I didn't see him on the seclist group.
|
||
Updated•13 years ago
|
Attachment #526249 -
Attachment is patch: true
Attachment #526249 -
Flags: superreview+
|
|
||
Comment 5•13 years ago
|
||
Taking into account timeless comment. sorry for the spam
Attachment #526249 -
Attachment is obsolete: true
Attachment #526249 -
Flags: review?(kaie)
Attachment #526575 -
Flags: review?(kaie)
|
|
||
Comment 6•13 years ago
|
||
Comment on attachment 526575 [details] [diff] [review] Complete patch this time - two lines r=nelson
Attachment #526575 -
Flags: review+
|
|
||
Comment 7•13 years ago
|
||
(In reply to comment #6) > Comment on attachment 526575 [details] [diff] [review] > Complete patch this time - two lines > > r=nelson Do I need sr ? if not can I just ask for checking needed ?
|
||
Comment 8•13 years ago
|
||
I think Nelson's review is sufficient. We should land this into both NSS trunk and NSS 3.12 branch. However: This bug is currently marked as security-sensitive. Checking in the patch and referring to this restricted bug will raise attention. Question: How should we proceed? Are you worried this can be exploited? If not, can we open the bug? I can check in the patch, once we agree what to do.
Target Milestone: --- → 3.12.10
|
|
||
Comment 9•13 years ago
|
||
If I understand correctly, because of the bug, we fail to erase algorithm info and private key attributes, but the private key itself gets successfully erased.
Knowledge about this bug seems to be of little value to a potential attacker, which would have to have access to a victim's memory dump.
I'd conclude this bug can be opened, but I'd like a second opinion. Bob/Brian/Nelson, if you agree, please open this bug.
Some more details, to make it easier for you to decide:
Regarding the first occurrence:
struct SECKEYPrivateKeyInfoStr {
PLArenaPool *arena;
SECItem version;
SECAlgorithmID algorithm;
SECItem privateKey;
SECKEYAttribute **attributes;
};
typedef struct SECKEYPrivateKeyInfoStr SECKEYPrivateKeyInfo;
The wrong call will erase the initial pointer, but will not erase the remaininig contents.
However, the private key itself has already been erased by an earlier call.
Regarding the second occurrence:
struct SECKEYEncryptedPrivateKeyInfoStr {
PLArenaPool *arena;
SECAlgorithmID algorithm;
SECItem encryptedData;
};
typedef struct SECKEYEncryptedPrivateKeyInfoStr SECKEYEncryptedPrivateKeyInfo;
The wrong call will erase the initial pointer, but will not erase the remaininig contents.
However, the encrypted data referenced by the struct has already been erased with zero by an earlier call.
Both functions can be found, next to each other:
http://mxr.mozilla.org/mozilla-central/source/security/nss/lib/cryptohi/seckey.c#2206|
|
||
Updated•13 years ago
|
Attachment #526575 -
Flags: review?(kaie) → review+
|
||
Comment 10•13 years ago
|
||
I do not think this bug needs to be hidden as its nothing exploitable. These particular memsets are unnecessary and it should just be removed. Leaking information about the key metadata isn't a security problem. Nelson or Bob, do you agree?
|
||
Comment 11•13 years ago
|
||
I agree that this is not security sensitive. I think the corrected memsets should stay simply because it helps review. It's clear the sensitive information is in the SECItem, which isn't cleared by the memset anyway (only the pointer in data structure is cleared. bob
|
|
||
Updated•13 years ago
|
Group: core-security
Keywords: checkin-needed
|
|
||
Comment 12•13 years ago
|
||
trunk: Checking in seckey.c; /cvsroot/mozilla/security/nss/lib/cryptohi/seckey.c,v <-- seckey.c new revision: 1.61; previous revision: 1.60 done 3.12 branch: Checking in seckey.c; /cvsroot/mozilla/security/nss/lib/cryptohi/seckey.c,v <-- seckey.c new revision: 1.54.2.3; previous revision: 1.54.2.2 done
Status: NEW → RESOLVED
Closed: 13 years ago
Resolution: --- → FIXED
|
|
||
Updated•13 years ago
|
Keywords: checkin-needed
You need to log in
before you can comment on or make changes to this bug.
Description
•