
Commit 8305349

committed
Fixed GHSL-2020-102 heap overflow
(cherry picked from commit 197b16cc15a12813c2e4fa2d6ae9cd9c4a57e581)
1 parent cf4f6db commit 8305349


1 file changed

+30
-11
lines changed


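--- a/libfreerdp/crypto/crypto.c
+++ b/libfreerdp/crypto/crypto.c
@@ -96,13 +96,24 @@ BOOL crypto_cert_get_public_key(CryptoCert cert, BYTE** PublicKey, DWORD* Public
 static int crypto_rsa_common(const BYTE* input, int length, UINT32 key_length, const BYTE* modulus,
 const BYTE* exponent, int exponent_size, BYTE* output)
 {
-BN_CTX* ctx;
+BN_CTX* ctx = NULL;
 int output_length = -1;
-BYTE* input_reverse;
-BYTE* modulus_reverse;
-BYTE* exponent_reverse;
-BIGNUM *mod, *exp, *x, *y;
-input_reverse = (BYTE*)malloc(2 * key_length + exponent_size);
+BYTE* input_reverse = NULL;
+BYTE* modulus_reverse = NULL;
+BYTE* exponent_reverse = NULL;
+BIGNUM* mod = NULL;
+BIGNUM* exp = NULL;
+BIGNUM* x = NULL;
+BIGNUM* y = NULL;
+size_t bufferSize = 2 * key_length + exponent_size;
+
+if (!input || (length < 0) || (exponent_size < 0) || !modulus || !exponent || !output)
+return -1;
+
+if (length > bufferSize)
+bufferSize = length;
+
+input_reverse = (BYTE*)calloc(bufferSize, 1);
 
 if (!input_reverse)
 return -1;
@@ -131,16 +142,24 @@ static int crypto_rsa_common(const BYTE* input, int length, UINT32 key_length, c
 if (!(y = BN_new()))
 goto fail_bn_y;
 
-BN_bin2bn(modulus_reverse, key_length, mod);
-BN_bin2bn(exponent_reverse, exponent_size, exp);
-BN_bin2bn(input_reverse, length, x);
-BN_mod_exp(y, x, exp, mod, ctx);
+if (!BN_bin2bn(modulus_reverse, key_length, mod))
+goto fail;
+
+if (!BN_bin2bn(exponent_reverse, exponent_size, exp))
+goto fail;
+if (!BN_bin2bn(input_reverse, length, x))
+goto fail;
+if (BN_mod_exp(y, x, exp, mod, ctx) != 1)
+goto fail;
 output_length = BN_bn2bin(y, output);
+if (output_length < 0)
+goto fail;
 crypto_reverse(output, output_length);
 
-if (output_length < (int)key_length)
+if (output_length < key_length)
 memset(output + output_length, 0, key_length - output_length);
 
+fail:
 BN_free(y);
 fail_bn_y:
 BN_clear_free(x);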
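Review bot: The new guard at the top of crypto_rsa_common rejects negative sizes but never bounds `length` against `key_length`; instead `bufferSize` is grown to `length`, which avoids the overrun but, if the three `*_reverse` regions still share this one allocation at `key_length` offsets (the pointer setup lies between the two hunks and is not visible), lets an oversized input overlap the modulus and exponent copies. If no caller legitimately passes more than `key_length` bytes, `if ((size_t)length > key_length) return -1;` would be the clearer contract. Separately, `2 * key_length + exponent_size` appears to be evaluated at UINT32 width before it is widened to `size_t`, and it runs before the `exponent_size < 0` check, so I would move it below the guard as `bufferSize = 2 * (size_t)key_length + (size_t)exponent_size;`. The later `output_length < key_length` comparison is now mixed signed/unsigned and is only safe because of the `output_length < 0` check just above it; a short comment saying so would keep that ordering from being undone.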
