diff options
| author | Nick Mathewson <nickm@torproject.org> | 2017-11-11 14:21:37 -0500 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2017-11-27 15:25:03 -0500 |
| commit | 1880a6a88e240556a8e6b169f1160aa8220ab0ec (patch) | |
| tree | ce5cbc2b47a7e6a75a3a5b409f691e7fb12fe548 | |
| parent | 6f8c32b7deb9f0cec6d1553aba71969c9fb6064f (diff) | |
| download | tor-1880a6a88e240556a8e6b169f1160aa8220ab0ec.tar.gz tor-1880a6a88e240556a8e6b169f1160aa8220ab0ec.zip | |
Avoid asking for passphrase on junky PEM input
Fixes bug 24246 and TROVE-2017-011.
This bug is so old, it's in Matej's code. Seems to have been
introduced with e01522bbed6eea.
| -rw-r--r-- | changes/trove-2017-011 | 8 | ||||
| -rw-r--r-- | src/common/crypto.c | 16 |
2 files changed, 21 insertions, 3 deletions
diff --git a/changes/trove-2017-011 b/changes/trove-2017-011 new file mode 100644 index 0000000000..82d20d9e78 --- /dev/null +++ b/changes/trove-2017-011 @@ -0,0 +1,8 @@ + o Major bugfixes (security): + - Fix a denial of service bug where an attacker could use a malformed + directory object to cause a Tor instance to pause while OpenSSL would + try to read a passphrase from the terminal. (If the terminal was not + available, tor would continue running.) Fixes bug 24246; bugfix on + every version of Tor. Also tracked as TROVE-2017-011 and + CVE-2017-8821. Found by OSS-Fuzz as testcase 6360145429790720. + diff --git a/src/common/crypto.c b/src/common/crypto.c index f7362765d2..8d816652d3 100644 --- a/src/common/crypto.c +++ b/src/common/crypto.c @@ -592,11 +592,21 @@ crypto_pk_generate_key_with_bits(crypto_pk_t *env, int bits) return 0; } +/** A PEM callback that always reports a failure to get a password */ +static int +pem_no_password_cb(char *buf, int size, int rwflag, void *u) +{ + (void)buf; + (void)size; + (void)rwflag; + (void)u; + return 0; +} + /** Read a PEM-encoded private key from the <b>len</b>-byte string <b>s</b> * into <b>env</b>. Return 0 on success, -1 on failure. If len is -1, * the string is nul-terminated. */ -/* Used here, and used for testing. */ int crypto_pk_read_private_key_from_string(crypto_pk_t *env, const char *s, ssize_t len) @@ -615,7 +625,7 @@ crypto_pk_read_private_key_from_string(crypto_pk_t *env, if (env->key) RSA_free(env->key); - env->key = PEM_read_bio_RSAPrivateKey(b,NULL,NULL,NULL); + env->key = PEM_read_bio_RSAPrivateKey(b,NULL,pem_no_password_cb,NULL); BIO_free(b); @@ -747,7 +757,7 @@ crypto_pk_read_public_key_from_string(crypto_pk_t *env, const char *src, if (env->key) RSA_free(env->key); - env->key = PEM_read_bio_RSAPublicKey(b, NULL, NULL, NULL); + env->key = PEM_read_bio_RSAPublicKey(b, NULL, pem_no_password_cb, NULL); BIO_free(b); if (!env->key) { crypto_log_errors(LOG_WARN, "reading public key from string"); |