From e9f92c4fbc212390cf104185222f83bb9eba5bd9 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Wed, 16 Nov 2022 10:23:05 +0100 Subject: [PATCH 1/3] tls: Fix in_cid buffer size in transform structure Signed-off-by: Ronald Cron --- library/ssl_misc.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/ssl_misc.h b/library/ssl_misc.h index 41bb9c514..72bf096a3 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -1021,7 +1021,7 @@ struct mbedtls_ssl_transform #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) uint8_t in_cid_len; uint8_t out_cid_len; - unsigned char in_cid [ MBEDTLS_SSL_CID_OUT_LEN_MAX ]; + unsigned char in_cid [ MBEDTLS_SSL_CID_IN_LEN_MAX ]; unsigned char out_cid[ MBEDTLS_SSL_CID_OUT_LEN_MAX ]; #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ From 9a1396bfcc2bc2c43aa94f2fdffcfb4341c229b7 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Wed, 16 Nov 2022 11:04:48 +0100 Subject: [PATCH 2/3] Add ChangeLog Signed-off-by: Ronald Cron --- ChangeLog.d/fix-in-cid-buffer-size.txt | 15 +++++++++++++++ 1 file changed, 15 insertions(+) create mode 100644 ChangeLog.d/fix-in-cid-buffer-size.txt diff --git a/ChangeLog.d/fix-in-cid-buffer-size.txt b/ChangeLog.d/fix-in-cid-buffer-size.txt new file mode 100644 index 000000000..c8ede1f1c --- /dev/null +++ b/ChangeLog.d/fix-in-cid-buffer-size.txt @@ -0,0 +1,15 @@ +Bugfix + * Fix potential buffer overflow in DTLS with MBEDTLS_SSL_DTLS_CONNECTION_ID + enabled leading to context corruption. + +Security + * Fix potential memory probe through non-constant time memcmp() in DTLS + with MBEDTLS_SSL_DTLS_CONNECTION_ID enabled. The memory probe is possible + only under very specific and unlikely conditions: + 2 * MBEDTLS_SSL_CID_OUT_LEN_MAX < MBEDTLS_SSL_CID_IN_LEN_MAX if + MBEDTLS_SSL_CONTEXT_SERIALIZATION is disabled, + MBEDTLS_SERVER_HELLO_RANDOM_LEN + MBEDTLS_CLIENT_HELLO_RANDOM_LEN + + 2 * MBEDTLS_SSL_CID_OUT_LEN_MAX < MBEDTLS_SSL_CID_IN_LEN_MAX if + MBEDTLS_SSL_CONTEXT_SERIALIZATION is enabled. Those conditions are not + met with the default values of MBEDTLS_SSL_CID_IN_LEN_MAX and + MBEDTLS_SSL_CID_OUT_LEN_MAX where the two maximum lengths are equal. From 5dc7999946f302afd392fc15e999b8313e72d2e9 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Thu, 17 Nov 2022 14:51:52 +0100 Subject: [PATCH 3/3] Simplify the change log Signed-off-by: Ronald Cron --- ChangeLog.d/fix-in-cid-buffer-size.txt | 17 +++-------------- 1 file changed, 3 insertions(+), 14 deletions(-) diff --git a/ChangeLog.d/fix-in-cid-buffer-size.txt b/ChangeLog.d/fix-in-cid-buffer-size.txt index c8ede1f1c..8a6c85023 100644 --- a/ChangeLog.d/fix-in-cid-buffer-size.txt +++ b/ChangeLog.d/fix-in-cid-buffer-size.txt @@ -1,15 +1,4 @@ -Bugfix - * Fix potential buffer overflow in DTLS with MBEDTLS_SSL_DTLS_CONNECTION_ID - enabled leading to context corruption. - Security - * Fix potential memory probe through non-constant time memcmp() in DTLS - with MBEDTLS_SSL_DTLS_CONNECTION_ID enabled. The memory probe is possible - only under very specific and unlikely conditions: - 2 * MBEDTLS_SSL_CID_OUT_LEN_MAX < MBEDTLS_SSL_CID_IN_LEN_MAX if - MBEDTLS_SSL_CONTEXT_SERIALIZATION is disabled, - MBEDTLS_SERVER_HELLO_RANDOM_LEN + MBEDTLS_CLIENT_HELLO_RANDOM_LEN + - 2 * MBEDTLS_SSL_CID_OUT_LEN_MAX < MBEDTLS_SSL_CID_IN_LEN_MAX if - MBEDTLS_SSL_CONTEXT_SERIALIZATION is enabled. Those conditions are not - met with the default values of MBEDTLS_SSL_CID_IN_LEN_MAX and - MBEDTLS_SSL_CID_OUT_LEN_MAX where the two maximum lengths are equal. + * Fix potential heap buffer overread and overwrite in DTLS if + MBEDTLS_SSL_DTLS_CONNECTION_ID is enabled and + MBEDTLS_SSL_CID_IN_LEN_MAX > 2 * MBEDTLS_SSL_CID_OUT_LEN_MAX.