Avoid some buffer overflows in ecdsatest

The ASN.1 encoding of the modified ECDSA signature can grow in size due to padding of the ASN.1 integers. Instead of reusing the same signature buffer freshly allocate it. Avoids some buffer overflows caught by ASAN.
author: tb <> 2022-08-31 09:38:00 +0000
committer: tb <> 2022-08-31 09:38:00 +0000
commit: f47bd0f92ad2e81e03a9c3a43690ff1dabc0755e (patch)
tree: c482a5a120451128fbb0aa6a9935144533c51ef0
parent: d40e6544364add7eada09b249759cee72e0d2366 (diff)
download: openbsd-f47bd0f92ad2e81e03a9c3a43690ff1dabc0755e.tar.gz
openbsd-f47bd0f92ad2e81e03a9c3a43690ff1dabc0755e.tar.bz2
openbsd-f47bd0f92ad2e81e03a9c3a43690ff1dabc0755e.zip
1 files changed, 15 insertions, 2 deletions
diff --git a/src/regress/lib/libcrypto/ecdsa/ecdsatest.c b/src/regress/lib/libcrypto/ecdsa/ecdsatest.c
index 45ffd91ab4..6cbe345d08 100644
--- a/src/regress/lib/libcrypto/ecdsa/ecdsatest.c
+++ b/src/regress/lib/libcrypto/ecdsa/ecdsatest.c
@@ -1,4 +1,4 @@
-/*      $OpenBSD: ecdsatest.c,v 1.11 2022/08/31 09:36:46 tb Exp $       */
+/*      $OpenBSD: ecdsatest.c,v 1.12 2022/08/31 09:38:00 tb Exp $       */
 /*
 * Written by Nils Larsch for the OpenSSL project.
 */
@@ -251,7 +251,8 @@ test_builtin(BIO *out)
                BIO_printf(out, ".");
                (void)BIO_flush(out);
                /* create signature */
-                sig_len = ECDSA_size(eckey);
+                if ((sig_len = ECDSA_size(eckey)) == 0)
+                        goto builtin_err;
                if ((signature = malloc(sig_len)) == NULL)
                        goto builtin_err;
                if (!ECDSA_sign(0, digest, 20, signature, &sig_len, eckey)) {
@@ -332,6 +333,12 @@ test_builtin(BIO *out)
                r = NULL;
                s = NULL;
+                if ((sig_len = i2d_ECDSA_SIG(ecdsa_sig, NULL)) <= 0)
+                        goto builtin_err;
+                free(signature);
+                if ((signature = calloc(1, sig_len)) == NULL)
+                        goto builtin_err;
                sig_ptr2 = signature;
                sig_len = i2d_ECDSA_SIG(ecdsa_sig, &sig_ptr2);
                if (ECDSA_verify(0, digest, 20, signature, sig_len,
@@ -349,6 +356,12 @@ test_builtin(BIO *out)
                r = NULL;
                s = NULL;
+                if ((sig_len = i2d_ECDSA_SIG(ecdsa_sig, NULL)) <= 0)
+                        goto builtin_err;
+                free(signature);
+                if ((signature = calloc(1, sig_len)) == NULL)
+                        goto builtin_err;
                sig_ptr2 = signature;
                sig_len = i2d_ECDSA_SIG(ecdsa_sig, &sig_ptr2);
                if (ECDSA_verify(0, digest, 20, signature, sig_len,
author	tb <>	2022-08-31 09:38:00 +0000
committer	tb <>	2022-08-31 09:38:00 +0000
commit	f47bd0f92ad2e81e03a9c3a43690ff1dabc0755e (patch)
tree	c482a5a120451128fbb0aa6a9935144533c51ef0
parent	d40e6544364add7eada09b249759cee72e0d2366 (diff)
download	openbsd-f47bd0f92ad2e81e03a9c3a43690ff1dabc0755e.tar.gz openbsd-f47bd0f92ad2e81e03a9c3a43690ff1dabc0755e.tar.bz2 openbsd-f47bd0f92ad2e81e03a9c3a43690ff1dabc0755e.zip