Skip to content

Memory and Secret Handling Fixes#589

Open
stenslae wants to merge 3 commits into
wolfSSL:masterfrom
stenslae:pr-memory-crypto
Open

Memory and Secret Handling Fixes#589
stenslae wants to merge 3 commits into
wolfSSL:masterfrom
stenslae:pr-memory-crypto

Conversation

@stenslae

@stenslae stenslae commented Jul 6, 2026

Copy link
Copy Markdown
Member

27 Fenrir fixes across wolfSSL example code in three commits:

  1. Buffer/malloc safety (crypto file-encryption examples): fix buffer overflows, missing malloc/realloc NULL checks, and padding validation in AES/3DES/Camellia file-encrypt tools.
  2. Memory/lifecycle bugs: fix NULL-deref, fd leaks, unaligned access, and buffer overflows across CAN bus, PKCS7, embedded, and PEM-printing examples.
  3. Key/secret handling: replace hardcoded or UAF-prone secrets/keys with RNG-generated values, zeroize key material before free, and flag non-constant-time secret comparisons.

@stenslae stenslae self-assigned this Jul 6, 2026

@wolfSSL-Fenrir-bot wolfSSL-Fenrir-bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fenrir Automated Review — PR #589

Scan targets checked: wolfssl-examples-bugs, wolfssl-examples-src

Findings: 1
1 finding(s) posted as inline comments (see file-level comments below)

This review was generated automatically by Fenrir. Findings are non-blocking.

Comment thread ccb_vaultic/ccb_vaultic.c
@stenslae stenslae force-pushed the pr-memory-crypto branch from 9e04469 to d324400 Compare July 6, 2026 19:59
Comment thread ccb_vaultic/ccb_vaultic.c

@wolfSSL-Fenrir-bot wolfSSL-Fenrir-bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fenrir Automated Review — PR #589

Scan targets checked: wolfssl-examples-bugs, wolfssl-examples-src

No new issues found in the changed files. ✅

@wolfSSL-Fenrir-bot wolfSSL-Fenrir-bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fenrir Automated Review — PR #589

Scan targets checked: wolfssl-examples-bugs, wolfssl-examples-src

No new issues found in the changed files. ✅

@stenslae stenslae removed their assignment Jul 7, 2026
@stenslae stenslae force-pushed the pr-memory-crypto branch from 34ccbb9 to 0a1c02d Compare July 9, 2026 20:30
Emma Stensland added 2 commits July 9, 2026 15:10
…s, malloc/realloc NULL checks, and padding validation in crypto file-encryption examples
… F-6288: fix NULL-deref, fd-leak, unaligned-access, and buffer-overflow bugs across CAN, PKCS7, embedded, and PEM-printing examples
@stenslae stenslae force-pushed the pr-memory-crypto branch 2 times, most recently from c4beee5 to 76b1000 Compare July 9, 2026 21:56

@wolfSSL-Fenrir-bot wolfSSL-Fenrir-bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fenrir Automated Review — PR #589

Scan targets checked: wolfssl-examples-bugs, wolfssl-examples-src

Findings: 2
2 finding(s) posted as inline comments (see file-level comments below)

This review was generated automatically by Fenrir. Findings are non-blocking.

Comment thread crypto/aes/aes-file-encrypt.c
Comment thread dtls/dtls-export-common.h Outdated
@stenslae stenslae force-pushed the pr-memory-crypto branch 2 times, most recently from d490b56 to e399570 Compare July 9, 2026 22:46
Comment thread dtls/dtls-export-common.h Outdated
Comment thread crypto/aes/aes-file-encrypt.c

@wolfSSL-Fenrir-bot wolfSSL-Fenrir-bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fenrir Automated Review — PR #589

Scan targets checked: wolfssl-examples-bugs, wolfssl-examples-src

Findings: 3
3 finding(s) posted as inline comments (see file-level comments below)

This review was generated automatically by Fenrir. Findings are non-blocking.

XFREE(key, NULL, DYNAMIC_TYPE_TMP_BUFFER);
fclose(inFile);
fclose(outFile);
}

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🔵 [Low] fclose(outFile) without NULL check in new error paths across crypto file tools · Incorrect error handling

The PR adds key-malloc-failure and NoEcho-failure error paths that call fclose(outFile) without a NULL guard. outFile stays NULL when fopen(out, "w") fails (e.g. bad output directory) while outCheck is already set to 1, so the existing guard inCheck==0||outCheck==0 does not fire. fclose(NULL) is UB and crashes on Linux. Same issue in aescfb-file-encrypt.c, aesctr-file-encrypt.c, and camellia-encrypt.c; 3des-file-encrypt.c (line 469/483) is additionally missing the inFile!=NULL check on the outer else-if that the AES variants gained from this PR, so fclose(inFile) can also be NULL there.

Fix: Guard both new fclose calls: if (inFile != NULL) fclose(inFile); and if (outFile != NULL) fclose(outFile);. For 3des-file-encrypt.c and camellia-encrypt.c also add && inFile != NULL && outFile != NULL to the outer else-if condition.

Comment thread dtls/dtls-export-common.h Outdated
Comment thread crypto/aes/aesgcm-file-encrypt.c
@stenslae stenslae marked this pull request as draft July 10, 2026 15:59
@stenslae stenslae assigned stenslae and unassigned wolfSSL-Bot Jul 10, 2026
…ce hardcoded/UAF-prone secrets and keys with RNG-generated values, zeroize key material before free, and flag non-constant-time secret comparisons
@stenslae stenslae marked this pull request as ready for review July 10, 2026 19:51
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants