-
Notifications
You must be signed in to change notification settings - Fork 2.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Use of uninitialized memory in cert_app for empty commandline #6700
Comments
Thanks for this. Looking at it, it seems that the initialization of |
Hello there! I've tried to reproduce the defect by invoking With this in mind: can someone help me which steps can I take to improve the code? Kind regards, |
Please try these steps to reproduce:
The second chunk initializes a local variable that was originally uninitialized. The first chunk inserts a check that shows that the memory is uninitialized at the time we are about to use it.
The last line shows that |
Summary
When
cert_app
is invoked with an empty commandline, it eventually relies on the value ofctx->accumulator_started
in the functionmbedtls_entropy_free
at line 85:mbedtls/library/entropy.c
Line 85 in a942b37
ctx
is pointing toentropy
, local variable ofmain
. Because the commandline is empty, no part of that variable was written to. Reading the memberaccumulator_started
, which is uninitialized, is more or less undefined behavior in itself (depending on the version of the C standard and the level of bad faith argumentation one is willing to develop about the meaning of words in the C standard) and should be avoided.System information
Mbed TLS version (number or commit id): commit a942b37
Operating system and version: abstract POSIX system with implementation-defined choices of GCC for IA32
Configuration (if not default, please attach
mbedtls_config.h
):mbedtls_config.h
from the repo.Compiler and options (if you used a pre-built binary, please indicate how you obtained it): abstract compiler with the implementation-defined choices of GCC targeting IA32.
Expected behavior
This use of uninitalized memory should be avoided because nothing prevents the condition
ctx->accumulator_started == -1
from having the least desirable possible truth value. In addition, Mbed TLS is exactly the sort of code for which it is often dangerous to involve uninitialized variables in computations, because of the risk of leaking cryptographic secrets. Even if this particular use of uninitialized memory is arguably harmless, fixing it would facilitate the application of the sort of tool that guarantees the absence of uses of uninitialized memory for all executions, without having to waste time again on this one.Actual behavior
The uninitialized contents of the variable
entropy
, local variable ofmain
, are used.Steps to reproduce
Invoke
cert_app
with empty commandline (argc==1
)Additional information
I follow the development of enough open-source projects to be familiar with the usual reports from well-meaning users of the project who have applied a static analyzer to the source code without being able to do the classification of warnings between false positives and bugs. I would like to emphasize that this is not such a report: the situation I described certainly happens for the provided input (namely
argc==1
).This bug was found using TrustInSoft Analyzer during the REDOCS'22 event.
The text was updated successfully, but these errors were encountered: