Memory and Secret Handling Fixes#589
Conversation
wolfSSL-Fenrir-bot
left a comment
There was a problem hiding this comment.
Fenrir Automated Review — PR #589
Scan targets checked: wolfssl-examples-bugs, wolfssl-examples-src
Findings: 1
1 finding(s) posted as inline comments (see file-level comments below)
This review was generated automatically by Fenrir. Findings are non-blocking.
9e04469 to
d324400
Compare
wolfSSL-Fenrir-bot
left a comment
There was a problem hiding this comment.
Fenrir Automated Review — PR #589
Scan targets checked: wolfssl-examples-bugs, wolfssl-examples-src
No new issues found in the changed files. ✅
d324400 to
34ccbb9
Compare
wolfSSL-Fenrir-bot
left a comment
There was a problem hiding this comment.
Fenrir Automated Review — PR #589
Scan targets checked: wolfssl-examples-bugs, wolfssl-examples-src
No new issues found in the changed files. ✅
34ccbb9 to
0a1c02d
Compare
…s, malloc/realloc NULL checks, and padding validation in crypto file-encryption examples
… F-6288: fix NULL-deref, fd-leak, unaligned-access, and buffer-overflow bugs across CAN, PKCS7, embedded, and PEM-printing examples
c4beee5 to
76b1000
Compare
wolfSSL-Fenrir-bot
left a comment
There was a problem hiding this comment.
Fenrir Automated Review — PR #589
Scan targets checked: wolfssl-examples-bugs, wolfssl-examples-src
Findings: 2
2 finding(s) posted as inline comments (see file-level comments below)
This review was generated automatically by Fenrir. Findings are non-blocking.
d490b56 to
e399570
Compare
wolfSSL-Fenrir-bot
left a comment
There was a problem hiding this comment.
Fenrir Automated Review — PR #589
Scan targets checked: wolfssl-examples-bugs, wolfssl-examples-src
Findings: 3
3 finding(s) posted as inline comments (see file-level comments below)
This review was generated automatically by Fenrir. Findings are non-blocking.
| XFREE(key, NULL, DYNAMIC_TYPE_TMP_BUFFER); | ||
| fclose(inFile); | ||
| fclose(outFile); | ||
| } |
There was a problem hiding this comment.
🔵 [Low] fclose(outFile) without NULL check in new error paths across crypto file tools · Incorrect error handling
The PR adds key-malloc-failure and NoEcho-failure error paths that call fclose(outFile) without a NULL guard. outFile stays NULL when fopen(out, "w") fails (e.g. bad output directory) while outCheck is already set to 1, so the existing guard inCheck==0||outCheck==0 does not fire. fclose(NULL) is UB and crashes on Linux. Same issue in aescfb-file-encrypt.c, aesctr-file-encrypt.c, and camellia-encrypt.c; 3des-file-encrypt.c (line 469/483) is additionally missing the inFile!=NULL check on the outer else-if that the AES variants gained from this PR, so fclose(inFile) can also be NULL there.
Fix: Guard both new fclose calls: if (inFile != NULL) fclose(inFile); and if (outFile != NULL) fclose(outFile);. For 3des-file-encrypt.c and camellia-encrypt.c also add && inFile != NULL && outFile != NULL to the outer else-if condition.
…ce hardcoded/UAF-prone secrets and keys with RNG-generated values, zeroize key material before free, and flag non-constant-time secret comparisons
e399570 to
3912200
Compare
27 Fenrir fixes across wolfSSL example code in three commits: