From 4791d3416c65e66171f035b90b3ed1058892643f Mon Sep 17 00:00:00 2001 From: mattjala <124107509+mattjala@users.noreply.github.com> Date: Wed, 21 Aug 2024 07:35:29 -0500 Subject: [PATCH] Fix segfault in ROS3 credential parsing (#4736) * Fix segfault in s3 credential parsing * Fix AWS cred parsing when >1 profile provided --- src/H5FDs3comms.c | 27 +++++++++++++++++---------- 1 file changed, 17 insertions(+), 10 deletions(-) diff --git a/src/H5FDs3comms.c b/src/H5FDs3comms.c index 4b1ff0091aa..1d5ee2608e1 100644 --- a/src/H5FDs3comms.c +++ b/src/H5FDs3comms.c @@ -1671,6 +1671,9 @@ H5FD_s3comms_HMAC_SHA256(const unsigned char *key, size_t key_len, const char *m FUNC_ENTER_NOAPI_NOINIT + if (!key) + HGOTO_ERROR(H5E_ARGS, H5E_BADVALUE, FAIL, "signing key not provided"); + if (dest == NULL) HGOTO_ERROR(H5E_ARGS, H5E_BADVALUE, FAIL, "destination cannot be null."); @@ -1751,6 +1754,7 @@ H5FD__s3comms_load_aws_creds_from_file(FILE *file, const char *profile_name, cha unsigned setting_i = 0; int found_setting = 0; char *line_buffer = &(buffer[0]); + size_t end = 0; FUNC_ENTER_PACKAGE @@ -1761,8 +1765,7 @@ H5FD__s3comms_load_aws_creds_from_file(FILE *file, const char *profile_name, cha /* look for start of profile */ do { /* clear buffer */ - for (buffer_i = 0; buffer_i < 128; buffer_i++) - buffer[buffer_i] = 0; + memset(buffer, 0, 128); line_buffer = fgets(line_buffer, 128, file); if (line_buffer == NULL) /* reached end of file */ @@ -1771,9 +1774,9 @@ H5FD__s3comms_load_aws_creds_from_file(FILE *file, const char *profile_name, cha /* extract credentials from lines */ do { - /* clear buffer */ - for (buffer_i = 0; buffer_i < 128; buffer_i++) - buffer[buffer_i] = 0; + /* clear buffer and flag */ + memset(buffer, 0, 128); + found_setting = 0; /* collect a line from file */ line_buffer = fgets(line_buffer, 128, file); @@ -1812,10 +1815,11 @@ H5FD__s3comms_load_aws_creds_from_file(FILE *file, const char *profile_name, cha strncpy(setting_pointers[setting_i], (const char *)line_buffer, strlen(line_buffer)); /* "trim" tailing whitespace by replacing with null terminator*/ - buffer_i = 0; - while (!isspace(setting_pointers[setting_i][buffer_i])) - buffer_i++; - setting_pointers[setting_i][buffer_i] = '\0'; + end = strlen(line_buffer) - 1; + while (end > 0 && isspace((int)setting_pointers[setting_i][end])) { + setting_pointers[setting_i][end] = '\0'; + end--; + } break; /* have read setting; don't compare with others */ } /* end if possible name match */ @@ -2173,7 +2177,7 @@ H5FD_s3comms_signing_key(unsigned char *md, const char *secret, const char *regi HGOTO_ERROR(H5E_ARGS, H5E_BADVALUE, FAIL, "`iso8601now` cannot be NULL."); AWS4_secret_len = 4 + strlen(secret) + 1; - AWS4_secret = (char *)H5MM_malloc(sizeof(char *) * AWS4_secret_len); + AWS4_secret = (char *)H5MM_malloc(AWS4_secret_len); if (AWS4_secret == NULL) HGOTO_ERROR(H5E_ARGS, H5E_BADVALUE, FAIL, "Could not allocate space."); @@ -2188,10 +2192,13 @@ H5FD_s3comms_signing_key(unsigned char *md, const char *secret, const char *regi HMAC(EVP_sha256(), (const unsigned char *)AWS4_secret, (int)strlen(AWS4_secret), (const unsigned char *)iso8601now, 8, /* 8 --> length of 8 --> "yyyyMMDD" */ datekey, NULL); + HMAC(EVP_sha256(), (const unsigned char *)datekey, SHA256_DIGEST_LENGTH, (const unsigned char *)region, strlen(region), dateregionkey, NULL); + HMAC(EVP_sha256(), (const unsigned char *)dateregionkey, SHA256_DIGEST_LENGTH, (const unsigned char *)"s3", 2, dateregionservicekey, NULL); + HMAC(EVP_sha256(), (const unsigned char *)dateregionservicekey, SHA256_DIGEST_LENGTH, (const unsigned char *)"aws4_request", 12, md, NULL);