Skip to content
This repository has been archived by the owner on Jan 23, 2023. It is now read-only.
/ corefx Public archive

Provide a temporary RSA decryption buffer when dest is too small #36601

Merged
merged 4 commits into from
Apr 6, 2019
Merged

Provide a temporary RSA decryption buffer when dest is too small #36601

merged 4 commits into from
Apr 6, 2019

Conversation

bartonjs
Copy link
Member

@bartonjs bartonjs commented Apr 4, 2019

Fixes #33561.

@bartonjs bartonjs self-assigned this Apr 4, 2019
@bartonjs bartonjs added this to the 3.0 milestone Apr 4, 2019
stephentoub
stephentoub reviewed Apr 4, 2019
View reviewed changes
src/Common/src/System/Security/Cryptography/RSAOpenSsl.cs Outdated

if (ret)
{
Span<byte> tmpSlice = tmp.Slice(0, bytesWritten);
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why not just tmp = tmp.Slice(0, bytesWritten);?

stephentoub
stephentoub reviewed Apr 4, 2019
View reviewed changes
src/Common/src/System/Security/Cryptography/RSAOpenSsl.cs

if (rent != null)
{
// Already cleared
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I assume this means that if TryDecrypt fails, it won't have written anything to the buffer?

krwq
krwq reviewed Apr 4, 2019
View reviewed changes
src/Common/src/System/Security/Cryptography/RSAOpenSsl.cs
// To prevent the OOB write, decrypt into a temporary buffer.
if (destination.Length < keySizeBytes)
{
Span<byte> tmp = stackalloc byte[0];
Copy link
Member

@krwq krwq Apr 4, 2019
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

why is the stackalloc needed here? (or could you remove the initialization?)

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

without this the tmp variable is not allowed to receive the stackalloc from within the if (it's a compile error to remove this).

@bartonjs bartonjs merged commit df5bba1 into dotnet:master Apr 6, 2019
@bartonjs bartonjs deleted the linux_rsadec_smallbuf branch April 6, 2019 02:38
@vcsjones vcsjones mentioned this pull request Jul 3, 2020
Closed
picenka21 pushed a commit to picenka21/runtime that referenced this pull request Feb 18, 2022
@bartonjs
Provide a temporary RSA decryption buffer when dest is too small (dot…
804af4f 
…net/corefx#36601)

* Provide a temporary RSA decryption buffer when dest is too small

* Remove the semi-redundant second span variable

* Add tests to ensure that destination is not tainted when decryption fails

* Make Decrypt_WrongKey_OAEP_SHA256 conditional


Commit migrated from dotnet/corefx@df5bba1
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@stephentoub stephentoub stephentoub approved these changes

@krwq krwq krwq approved these changes

Assignees

@bartonjs bartonjs

Labels
area-System.Security
Projects
None yet
Milestone
3.0
Development

Successfully merging this pull request may close these issues.
3 participants
@bartonjs @krwq @stephentoub