Skip to content

Memory and Secret Handling Fixes#589

Open
stenslae wants to merge 3 commits into
wolfSSL:masterfrom
stenslae:pr-memory-crypto
Open

Memory and Secret Handling Fixes#589
stenslae wants to merge 3 commits into
wolfSSL:masterfrom
stenslae:pr-memory-crypto

Conversation

@stenslae

@stenslae stenslae commented Jul 6, 2026

Copy link
Copy Markdown
Member

27 Fenrir fixes across wolfSSL example code in three commits:

  1. Buffer/malloc safety (crypto file-encryption examples): fix buffer overflows, missing malloc/realloc NULL checks, and padding validation in AES/3DES/Camellia file-encrypt tools.
  2. Memory/lifecycle bugs: fix NULL-deref, fd leaks, unaligned access, and buffer overflows across CAN bus, PKCS7, embedded, and PEM-printing examples.
  3. Key/secret handling: replace hardcoded or UAF-prone secrets/keys with RNG-generated values, zeroize key material before free, and flag non-constant-time secret comparisons.

@stenslae stenslae self-assigned this Jul 6, 2026

@wolfSSL-Fenrir-bot wolfSSL-Fenrir-bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fenrir Automated Review — PR #589

Scan targets checked: wolfssl-examples-bugs, wolfssl-examples-src

Findings: 1
1 finding(s) posted as inline comments (see file-level comments below)

This review was generated automatically by Fenrir. Findings are non-blocking.

Comment thread ccb_vaultic/ccb_vaultic.c
@stenslae stenslae force-pushed the pr-memory-crypto branch from 9e04469 to d324400 Compare July 6, 2026 19:59
Comment thread ccb_vaultic/ccb_vaultic.c

@wolfSSL-Fenrir-bot wolfSSL-Fenrir-bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fenrir Automated Review — PR #589

Scan targets checked: wolfssl-examples-bugs, wolfssl-examples-src

No new issues found in the changed files. ✅

@wolfSSL-Fenrir-bot wolfSSL-Fenrir-bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fenrir Automated Review — PR #589

Scan targets checked: wolfssl-examples-bugs, wolfssl-examples-src

No new issues found in the changed files. ✅

@stenslae stenslae removed their assignment Jul 7, 2026
@stenslae stenslae force-pushed the pr-memory-crypto branch 3 times, most recently from c4beee5 to 76b1000 Compare July 9, 2026 21:56

@wolfSSL-Fenrir-bot wolfSSL-Fenrir-bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fenrir Automated Review — PR #589

Scan targets checked: wolfssl-examples-bugs, wolfssl-examples-src

Findings: 2
2 finding(s) posted as inline comments (see file-level comments below)

This review was generated automatically by Fenrir. Findings are non-blocking.

Comment thread crypto/aes/aes-file-encrypt.c
Comment thread dtls/dtls-export-common.h Outdated
@stenslae stenslae force-pushed the pr-memory-crypto branch 2 times, most recently from d490b56 to e399570 Compare July 9, 2026 22:46
Comment thread dtls/dtls-export-common.h Outdated
Comment thread crypto/aes/aes-file-encrypt.c

@wolfSSL-Fenrir-bot wolfSSL-Fenrir-bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fenrir Automated Review — PR #589

Scan targets checked: wolfssl-examples-bugs, wolfssl-examples-src

Findings: 3
3 finding(s) posted as inline comments (see file-level comments below)

This review was generated automatically by Fenrir. Findings are non-blocking.

Comment thread crypto/aes/aes-file-encrypt.c
Comment thread dtls/dtls-export-common.h Outdated
Comment thread crypto/aes/aesgcm-file-encrypt.c
@stenslae stenslae marked this pull request as draft July 10, 2026 15:59
@stenslae stenslae assigned stenslae and unassigned wolfSSL-Bot Jul 10, 2026
Comment thread dtls/dtls-export-common.h Outdated
Comment thread crypto/aes/aesgcm-file-encrypt.c
@stenslae stenslae marked this pull request as ready for review July 10, 2026 19:51
Comment thread crypto/aes/aes-file-encrypt.c
@stenslae stenslae requested review from wolfSSL-Fenrir-bot and removed request for wolfSSL-Fenrir-bot July 13, 2026 21:53
Emma Stensland added 3 commits July 13, 2026 16:49
…s, malloc/realloc NULL checks, and padding validation in crypto file-encryption examples
… F-6288: fix NULL-deref, fd-leak, unaligned-access, and buffer-overflow bugs across CAN, PKCS7, embedded, and PEM-printing examples
…ce hardcoded/UAF-prone secrets and keys with RNG-generated values, zeroize key material before free, and flag non-constant-time secret comparisons

@wolfSSL-Fenrir-bot wolfSSL-Fenrir-bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fenrir Automated Review — PR #589

Scan targets checked: wolfssl-examples-bugs, wolfssl-examples-src

Findings: 1
1 finding(s) posted as inline comments (see file-level comments below)

This review was generated automatically by Fenrir. Findings are non-blocking.

salt[i] = input[i];

if (ret == 0) {
ret = wc_InitRng(&rng);

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🟠 [Medium] Unnecessary wc_InitRng error check in decrypt functions causes spurious failures · Logic errors

The PR adds an error check on wc_InitRng inside AesDecrypt, Des3Decrypt, AesCfbDecrypt, and CamelliaDecrypt, but the RNG is never used in any of these decrypt functions. If wc_InitRng fails, ret becomes non-zero and the entire decryption is skipped — a failure path that did not exist before (the old code ignored the return value and decrypted successfully regardless).

Fix: Remove wc_InitRng/wc_FreeRng and the rngInit flag entirely from these four decrypt functions, as they do not use the RNG.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants