]> git.ipfire.org Git - thirdparty/openssl.git/commitdiff
projects / thirdparty / openssl.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 17d2fd0)
Fix slh-dsa fuzzer on invalid param inputs
authorNeil Horman <nhorman@openssl.org>
Thu, 20 Feb 2025 12:45:50 +0000 (07:45 -0500)
committerNeil Horman <nhorman@openssl.org>
Sat, 22 Feb 2025 19:29:56 +0000 (14:29 -0500)
oss-fuzz issue:
https://issues.oss-fuzz.com/issues/397734693

Fails because the fuzzer occasionaly provides inputs which drives the
fuzzer to create an octet-string for the context_string param which
violates the 255 byte constraint documented on that parameter.

Fix it by detecting that condition, expecting failure in the call to
EVP_sign_message_init, and bailing out when it occurs.

Fixes openssl/project#1109

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/26851)

fuzz/slh-dsa.c patch | blob | blame | history

diff --git a/fuzz/slh-dsa.c b/fuzz/slh-dsa.c
index ecd5af373cc0a43af8810fade8351d5ca1f9474d..6ced4561653cf39dbb5362cb676bc283e86b0556 100644 (file)
--- a/fuzz/slh-dsa.c
+++ b/fuzz/slh-dsa.c
@@ -319,6 +319,7 @@ static void slh_dsa_sign_verify(uint8_t **buf, size_t *len, void *key1,
     OSSL_PARAM params[4];
     int paramidx = 0;
     int intval;
+    int expect_init_rc = 1;
 
     *buf = consume_uint8t(*buf, len, &selector);
     if (*buf == NULL)
@@ -338,6 +339,11 @@ static void slh_dsa_sign_verify(uint8_t **buf, size_t *len, void *key1,
      */
     msg = (unsigned char *)*buf;
     msg_len = *len;
+
+    /* if msg_len > 255, sign_message_init will fail */
+    if (msg_len > 255)
+        expect_init_rc = 0;
+
     *len = 0;
 
     if (selector & 0x1)
@@ -368,7 +374,15 @@ static void slh_dsa_sign_verify(uint8_t **buf, size_t *len, void *key1,
     sig_alg = EVP_SIGNATURE_fetch(NULL, keytype, NULL);
     OPENSSL_assert(sig_alg != NULL);
 
-    OPENSSL_assert(EVP_PKEY_sign_message_init(ctx, sig_alg, params));
+    OPENSSL_assert(EVP_PKEY_sign_message_init(ctx, sig_alg, params) == expect_init_rc);
+    /*
+     * the context_string parameter can be no more than 255 bytes, so if
+     * our random input buffer is greater than that, we expect failure above,
+     * which we check for.  In that event, theres nothing more we can do here
+     * so bail out
+     */
+    if (expect_init_rc == 0)
+        goto out;
 
     OPENSSL_assert(EVP_PKEY_sign(ctx, NULL, &sig_len, msg, msg_len));
     sig = OPENSSL_zalloc(sig_len);
@@ -379,6 +393,7 @@ static void slh_dsa_sign_verify(uint8_t **buf, size_t *len, void *key1,
     OPENSSL_assert(EVP_PKEY_verify_message_init(ctx, sig_alg, params));
     OPENSSL_assert(EVP_PKEY_verify(ctx, sig, sig_len, msg, msg_len));
 
+out:
     OPENSSL_free(sig);
     EVP_SIGNATURE_free(sig_alg);
     EVP_PKEY_CTX_free(ctx);
Mirror of https://github.com/openssl/openssl.git