Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[utils] fix buffer overflow in Pskc::SetSalt #2072

Merged
merged 6 commits into from
Oct 24, 2023
Merged

[utils] fix buffer overflow in Pskc::SetSalt #2072

merged 6 commits into from
Oct 24, 2023

Conversation

alexanderkent
Copy link
Contributor

This commit addresses a potential buffer overflow vulnerability in the Pskc::SetSalt method.

Root Issue:
The Pskc::SetSalt method copies data into mSalt without sufficiently checking that the combined length of the data being copied (saltPrefix, aExtPanId, aNetworkName) doesn't exceed the size of mSalt. This leads to a stack buffer overflow, which may cause stack corruption, resulting in undefined behavior and potential security risks.

Fix:

  1. Added a check to ensure that the total length of data to be copied into mSalt doesn't exceed its size.
  2. Added a warning log if the network name is too long and needs to be truncated.
  3. Utilized std::min to copy only as much of the network name as can fit into the remaining space in mSalt.

This ensures that no buffer overflow occurs, thereby preventing stack corruption and potential security vulnerabilities.

@google-cla
Copy link

google-cla bot commented Oct 20, 2023

Thanks for your pull request! It looks like this may be your first contribution to a Google open source project. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA).

View this failed invocation of the CLA check for more information.

For the most up to date status, view the checks section at the bottom of the pull request.

jwhui
jwhui reviewed Oct 21, 2023
View reviewed changes
Copy link
Member

@jwhui jwhui left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for this contribution! Just some minor code-style suggestions to resolve the pretty-check failure.

src/utils/pskc.cpp Outdated Show resolved Hide resolved
src/utils/pskc.cpp Outdated Show resolved Hide resolved
@jwhui jwhui changed the title Fix buffer overflow in Pskc::SetSalt [pskc] fix buffer overflow in Pskc::SetSalt Oct 24, 2023
@jwhui jwhui changed the title [pskc] fix buffer overflow in Pskc::SetSalt [utils] fix buffer overflow in Pskc::SetSalt Oct 24, 2023
@jwhui jwhui merged commit 7e0ee83 into openthread:main Oct 24, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jwhui jwhui jwhui approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@alexanderkent @jwhui