This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "GNU gsasl".
http://git.savannah.gnu.org/cgit/gsasl.git/commit/?id=7959565a46cb2b4c147f10f8eb3ffd2507501939 The branch, master has been updated via 7959565a46cb2b4c147f10f8eb3ffd2507501939 (commit) via 9b2a31d07984d9dc31145f11fc3e6530ef84f4d3 (commit) from 9271d262c4423827185fafb369671baaa8efdc92 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 7959565a46cb2b4c147f10f8eb3ffd2507501939 Author: Simon Josefsson <[email protected]> Date: Thu Mar 18 16:04:21 2010 +0100 SCRAM: Don't read out of bounds when parsing tokens. commit 9b2a31d07984d9dc31145f11fc3e6530ef84f4d3 Author: Simon Josefsson <[email protected]> Date: Thu Mar 18 16:03:05 2010 +0100 Add self-test for round-out-of-bounds. ----------------------------------------------------------------------- Summary of changes: lib/NEWS | 2 + lib/scram/parser.c | 8 ++-- tests/Makefile.am | 2 +- tests/readnz.c | 111 ++++++++++++++++++++++++++++++++++++++++++++++++++++ 4 files changed, 118 insertions(+), 5 deletions(-) create mode 100644 tests/readnz.c diff --git a/lib/NEWS b/lib/NEWS index b9cfbcb..4289d0f 100644 --- a/lib/NEWS +++ b/lib/NEWS @@ -15,6 +15,8 @@ they are compatible in modern releases. ** SCRAM: Encode and decode username/authzid properly. Before any username/authzid that contained '=' or ',' would not work. +** SCRAM: Don't read out of bounds when parsing tokens. + ** DIGEST-MD5: The server code now returns GSASL_OK after the final token. ** API and ABI modifications. diff --git a/lib/scram/parser.c b/lib/scram/parser.c index a7fbff5..3a38bb0 100644 --- a/lib/scram/parser.c +++ b/lib/scram/parser.c 
@@ -76,7 +76,7 @@ scram_parse_client_first (const char *str, size_t len,
 struct scram_client_first *cf)
 {
 /* Minimum client first string is 'n,,n=a,r=b'. */
- if (strlen (str) < 10)
+ if (strnlen (str, len) < 10)
 return -1;
 if (len == 0 || *str != 'n')
@@ -199,7 +199,7 @@ scram_parse_server_first (const char *str, size_t len,
 struct scram_server_first *sf)
 {
 /* Minimum server first string is 'r=ab,s=biws,i=1'. */
- if (strlen (str) < 15)
+ if (strnlen (str, len) < 15)
 return -1;
 if (len == 0 || *str != 'r')
@@ -308,7 +308,7 @@ scram_parse_client_final (const char *str, size_t len,
 struct scram_client_final *cl)
 {
 /* Minimum client final string is 'c=biws,r=ab,p=ab=='. */
- if (strlen (str) < 18)
+ if (strnlen (str, len) < 18)
 return -1;
 if (len == 0 || *str != 'c')
@@ -413,7 +413,7 @@ scram_parse_server_final (const char *str, size_t len,
 struct scram_server_final *sl)
 {
 /* Minimum client final string is 'v=ab=='. */
- if (strlen (str) < 6)
+ if (strnlen (str, len) < 6)
 return -1;
 if (len == 0 || *str != 'v')
diff --git a/tests/Makefile.am b/tests/Makefile.am
index 2aa1d09..f5915a4 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -41,7 +41,7 @@ TESTS_ENVIRONMENT = \
 $(VALGRIND)
 ctests = external cram-md5 digest-md5 md5file name errors suggest \
- simple crypto scram symbols gssapi gs2-krb5
+ simple crypto scram symbols gssapi gs2-krb5 readnz
 if OBSOLETE
 ctests += old-simple old-md5file old-cram-md5 old-digest-md5 \
diff --git a/tests/readnz.c b/tests/readnz.c
new file mode 100644
index 0000000..c3f6de1
--- /dev/null
+++ b/tests/readnz.c
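Review bot: The new guard `strnlen (str, len) < 10` in scram_parse_client_first still measures only up to the first NUL, so a token with an embedded NUL after the minimum prefix passes the guard while `len` keeps counting the bytes behind it; the same applies to the guards in scram_parse_server_first, scram_parse_client_final and scram_parse_server_final. Each function body continues outside its hunk, so whether the later parsing stays within `len` cannot be confirmed from here; a comment above the guard such as `/* STR need not be NUL-terminated; never read past LEN. */` would record the contract the fix relies on. The `len == 0` half of the following test can no longer be true, because a zero `len` already returns at the guard, so it can be reduced to `if (*str != 'n')`. `strnlen` is POSIX rather than ISO C and nothing in this commit adds a fallback, so it is worth confirming that a replacement (for example the gnulib strnlen module) is available to lib/scram.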
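Review bot: The comment above the guard in scram_parse_server_final says `/* Minimum client final string is 'v=ab=='. */`, although this function parses the server-final message. It is unchanged context here, but since the guard below it is being touched the comment should read `/* Minimum server final string is 'v=ab=='. */`, so the documented minimum of 6 is tied to the right message.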
@@ -0,0 +1,111 @@
+/* readnz.c --- Check out-of-bounds reads on non-zero terminated strings.
+ * Copyright (C) 2010 Simon Josefsson
+ *
+ * This file is part of GNU SASL.
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+#ifdef HAVE_CONFIG_H
+# include "config.h"
+#endif
+
+#include <stdio.h>
+#include <stdarg.h>
+#include <stdlib.h>
+#include <string.h>
+#include <stdbool.h>
+
+#include "utils.h"
+
+static void
+doit2 (bool server_p)
+{
+ Gsasl *ctx = NULL;
+ Gsasl_session *session = NULL;
+ char *mechs;
+ char *mech, *ptrptr;
+ char *s1;
+ size_t s1len;
+ int res;
+ size_t i;
+
+ res = gsasl_init (&ctx);
+ if (res != GSASL_OK)
+ {
+ fail ("gsasl_init() failed (%d):\n%s\n", res, gsasl_strerror (res));
+ return;
+ }
+
+ if (server_p)
+ res = gsasl_server_mechlist (ctx, &mechs);
+ else
+ res = gsasl_client_mechlist (ctx, &mechs);
+ if (res != GSASL_OK)
+ {
+ fail ("mechlist() failed (%d):\n%s\n",
+ res, gsasl_strerror (res));
+ return;
+ }
+
+ for (i = 0; (mech = strtok_r (i == 0 ? mechs : NULL, " ", &ptrptr)); i++)
+ {
+ size_t len;
+
+ for (len = 0; len < 5; len++)
+ {
+ char *p;
+
+ if (server_p)
+ res = gsasl_server_start (ctx, mech, &session);
+ else
+ res = gsasl_client_start (ctx, mech, &session);
+ if (res != GSASL_OK)
+ {
+ fail ("start(%s) failed (%d):\n%s\n", mech,
+ res, gsasl_strerror (res));
+ return;
+ }
+
+ p = malloc (len);
+ if (!p)
+ {
+ fail ("out of memory");
+ return;
+ }
+
+ memset (p, 42, len);
+
+ res = gsasl_step (session, p, len, &s1, &s1len);
+ if (res == GSASL_OK || res == GSASL_NEEDS_MORE)
+ gsasl_free (s1);
+
+ gsasl_free (p);
+
+ gsasl_finish (session);
+ }
+ }
+
+ gsasl_free (mechs);
+
+ gsasl_done (ctx);
+}
+
+void
+doit (void)
+{
+ doit2 (true);
+ doit2 (false);
+}
hooks/post-receive -- GNU gsasl _______________________________________________ Gsasl-commit mailing list [email protected] http://lists.gnu.org/mailman/listinfo/gsasl-commit
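Review bot: In doit2, `p = malloc (len)` runs with `len == 0` on the first pass of the inner loop, and malloc is allowed to return NULL for a zero size, which this test then reports as "out of memory". Checking `if (!p && len > 0)` and guarding the fill with `if (len > 0) memset (p, 42, len);` avoids the spurious failure and a NULL argument to memset. The result of gsasl_step is never asserted, so the test detects an over-read only when it runs under a memory checker such as the `$(VALGRIND)` wrapper in TESTS_ENVIRONMENT; a sentence in the file header saying so would keep a plain pass from being read as proof. Since `p` comes from the test's own malloc, `free (p)` is the matching release rather than `gsasl_free (p)`.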
