Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Additional safety checks for Secure Session (check if empty clientID) #386

Merged
merged 2 commits into from
Feb 19, 2019
Merged

Additional safety checks for Secure Session (check if empty clientID) #386

merged 2 commits into from
Feb 19, 2019

Conversation

ilammy
Copy link
Collaborator

@ilammy ilammy commented Feb 19, 2019

It turns out that Secure Session breaks in a subtle and non-obvious way if it is created with empty client ID or missing private key. The user callbacks are also not thoroughly validated and may cause a crash if the user forgets to fill them in.

Add checks for client ID and private key length as well as NULL checks for pointers involved with user context and its callbacks.

@ilammy
Additional safety checks for Secure Session
04afebc 
It turns out that Secure Session breaks in a subtle and non-obvious way
if it is created with empty client ID or missing private key. The user
callbacks are also not thoroughly validated and may cause a crash if
the user forgets to fill them in.

Add checks for client ID and private key length as well as NULL checks
for pointers involved with user context and its callbacks.
@ilammy ilammy added the core Themis Core written in C, its packages label Feb 19, 2019
vixentael
vixentael approved these changes Feb 19, 2019
View reviewed changes
Copy link
Contributor

@vixentael vixentael left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm

src/themis/secure_session.c
@@ -225,7 +245,13 @@ themis_status_t secure_session_connect(secure_session_t *session_ctx)

if (THEMIS_SUCCESS == res)
{
ssize_t bytes_sent = session_ctx->user_callbacks->send_data(request, request_length, session_ctx->user_callbacks->user_data);
ssize_t bytes_sent = -1;
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

-1 means nothing?

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It means 'an error occurred'. send_data callback is expected to return a non-negative number of bytes that were transferred. It should be exactly the same as size_t request_length, anything else is considered an error. A negative value is guaranteed to be not equal to any non-negative number of bytes.

@ilammy ilammy merged commit 0f10829 into cossacklabs:master Feb 19, 2019
@vixentael vixentael changed the title Additional safety checks for Secure Session Additional safety checks for Secure Session (check if empty clientID) Feb 21, 2019
@ilammy ilammy deleted the ssesion-empty-args branch April 16, 2019 16:27
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@vixentael vixentael vixentael approved these changes

@Lagovas Lagovas Lagovas approved these changes

@shadinua shadinua Awaiting requested review from shadinua

Assignees
No one assigned
Labels
core Themis Core written in C, its packages
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@ilammy @vixentael @Lagovas