Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ChipDN may use uninitiliazed data #22196

Closed
tcarmelveilleux opened this issue Aug 26, 2022 · 0 comments · Fixed by #22215
Closed

ChipDN may use uninitiliazed data #22196

tcarmelveilleux opened this issue Aug 26, 2022 · 0 comments · Fixed by #22215
Assignees
@tcarmelveilleux
Labels
commissioning Involves placing devices on the network, initial setup security V1.0

Comments

@tcarmelveilleux
Copy link
Contributor

Problem

  • Constructor for ChipDN does not clear state and there is default-initialize for many fields.
  • ChipDN is often used on the stack, especially when issuing certs, to set subject/issuer
  • Uninitialized data may be used in some situations, depending on local memory state

This was found to impact some code on some out-of-SDK platforms with some particular compiler situations

Proposed Solution

  • Make constructor default initialize all the fields
@tcarmelveilleux tcarmelveilleux added V1.0 security commissioning Involves placing devices on the network, initial setup labels Aug 26, 2022
@tcarmelveilleux tcarmelveilleux self-assigned this Aug 26, 2022
tcarmelveilleux added a commit to tcarmelveilleux/connectedhomeip that referenced this issue Aug 28, 2022
@tcarmelveilleux
Ensure full initialization of ChipDN/ChipRDN
c9338e1 
- ChipDN did not initialize all internal fields by default,
  which, in some situations, led to potention usage of uninitialized
  values in the ChipRDN entries

Fixes project-chip#22196

This PR:
- Adds default initialization of the ChipDN/ChipRDN classes

Testing done:
- Added new tests to ensure we have basic initialization
@tcarmelveilleux tcarmelveilleux mentioned this issue Aug 28, 2022
Merged
andy31415 pushed a commit that referenced this issue Aug 29, 2022
@tcarmelveilleux
Ensure full initialization of ChipDN/ChipRDN (#22215)
eba8dee 
* Ensure full initialization of ChipDN/ChipRDN

- ChipDN did not initialize all internal fields by default,
  which, in some situations, led to potention usage of uninitialized
  values in the ChipRDN entries

Fixes #22196

This PR:
- Adds default initialization of the ChipDN/ChipRDN classes

Testing done:
- Added new tests to ensure we have basic initialization

* Restyled
isiu-apple pushed a commit to isiu-apple/connectedhomeip that referenced this issue Sep 16, 2022
@tcarmelveilleux @isiu-apple
Ensure full initialization of ChipDN/ChipRDN (project-chip#22215)
63f06e1 
* Ensure full initialization of ChipDN/ChipRDN

- ChipDN did not initialize all internal fields by default,
  which, in some situations, led to potention usage of uninitialized
  values in the ChipRDN entries

Fixes project-chip#22196

This PR:
- Adds default initialization of the ChipDN/ChipRDN classes

Testing done:
- Added new tests to ensure we have basic initialization

* Restyled
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@tcarmelveilleux tcarmelveilleux

Labels
commissioning Involves placing devices on the network, initial setup security V1.0
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Ensure full initialization of ChipDN/ChipRDN tcarmelveilleux/connectedhomeip
1 participant
@tcarmelveilleux