Merge pull request #9930 from julek-wolfssl/fenrir/260903

douzzer · web-flow · commit f1508c910ace · 2026-03-10T19:32:56.000-05:00
Fenrir fixes
diff --git a/.github/workflows/ada.yml b/.github/workflows/ada.yml
@@ -13,7 +13,7 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-    - uses: actions/checkout@master
+    - uses: actions/checkout@v4
 
     - name: Install alire
       uses: alire-project/setup-alire@v5
diff --git a/.github/workflows/win-csharp-test.yml b/.github/workflows/win-csharp-test.yml
@@ -27,7 +27,7 @@ jobs:
 
     steps:
         - name: Pull wolfssl
-          uses: actions/checkout@master
+          uses: actions/checkout@v4
           with:
             repository: wolfssl/wolfssl
             path: wolfssl
@@ -41,7 +41,7 @@ jobs:
             echo $null >> wolfcrypt\src\wolfcrypt_last.c
 
         - name: Add MSBuild to PATH
-          uses: microsoft/setup-msbuild@v1
+          uses: microsoft/setup-msbuild@v2
 
         - name: Build
           working-directory: ${{env.GITHUB_WORKSPACE}}
diff --git a/Docker/Dockerfile b/Docker/Dockerfile
@@ -43,7 +43,7 @@ RUN mkdir /var/empty
 RUN cd /opt/sources && wget -q -O- https://roumenpetrov.info/secsh/src/pkixssh-15.1.tar.gz | tar xzf - && cd pkixssh-15.1 && ./configure --prefix=/opt/pkixssh/ --exec-prefix=/opt/pkixssh/ && make install
 
 # Install udp/tcp-proxy
-RUN cd /opt/sources && git clone --depth=1 --single-branch --branch=main http://github.com/wolfssl/udp-proxy && cd udp-proxy && make && cp tcp_proxy udp_proxy /bin/.
+RUN cd /opt/sources && git clone --depth=1 --single-branch --branch=main https://github.com/wolfssl/udp-proxy && cd udp-proxy && make && cp tcp_proxy udp_proxy /bin/.
 # Install libbacktrace
 RUN cd /opt/sources && git clone --depth=1 --single-branch https://github.com/ianlancetaylor/libbacktrace.git && cd libbacktrace && mkdir build && cd build && ../configure && make && make install
 
diff --git a/src/crl.c b/src/crl.c
@@ -591,7 +591,7 @@ int CheckCertCRL_ex(WOLFSSL_CRL* crl, byte* issuerHash, byte* serial,
             if (cbRet == WC_NO_ERR_TRACE(WOLFSSL_CBIO_ERR_WANT_READ)) {
                 ret = OCSP_WANT_READ;
             }
-            else if (ret >= 0) {
+            else if (cbRet >= 0) {
                 /* try again */
                 ret = CheckCertCRLList(crl, issuerHash, serial, serialSz,
                         serialHash, &foundEntry);
diff --git a/src/quic.c b/src/quic.c
@@ -228,7 +228,7 @@ const QuicTransportParam* QuicTransportParam_new(const uint8_t* data,
 {
     QuicTransportParam* tp;
 
-    if (len > 65353) return NULL;
+    if (len > 65535) return NULL;
     tp = (QuicTransportParam*)XMALLOC(sizeof(*tp), heap, DYNAMIC_TYPE_TLSX);
     if (!tp) return NULL;
     tp->data = (uint8_t*)XMALLOC(len, heap, DYNAMIC_TYPE_TLSX);
diff --git a/src/sniffer.c b/src/sniffer.c
@@ -3478,7 +3478,7 @@ static int ProcessSessionTicket(const byte* input, int* sslBytes,
     /* TLS v1.3 has hint age and nonce */
     if (IsAtLeastTLSv1_3(ssl->version)) {
         /* make sure can read through hint age and nonce len */
-        if (TICKET_HINT_AGE_LEN + 1 > *sslBytes) {
+        if (TICKET_HINT_AGE_LEN + OPAQUE8_LEN > *sslBytes) {
             SetError(BAD_INPUT_STR, error, session, FATAL_ERROR_STATE);
             return WOLFSSL_FATAL_ERROR;
         }
@@ -3487,7 +3487,7 @@ static int ProcessSessionTicket(const byte* input, int* sslBytes,
 
         /* ticket nonce */
         len = input[0];
-        if (len > MAX_TICKET_NONCE_STATIC_SZ) {
+        if (len > MAX_TICKET_NONCE_STATIC_SZ || len + OPAQUE8_LEN > *sslBytes) {
             SetError(BAD_INPUT_STR, error, session, FATAL_ERROR_STATE);
             return WOLFSSL_FATAL_ERROR;
         }
@@ -3847,6 +3847,11 @@ static int ProcessServerHello(int msgSz, const byte* input, int* sslBytes,
             case EXT_MAX_FRAGMENT_LENGTH:
             {
                 word16 max_fragment = MAX_RECORD_SIZE;
+                if (extLen != 1) {
+                    SetError(SERVER_HELLO_INPUT_STR, error, session,
+                             FATAL_ERROR_STATE);
+                    return WOLFSSL_FATAL_ERROR;
+                }
                 switch (input[0]) {
                     case WOLFSSL_MFL_2_8 : max_fragment =  256; break;
                     case WOLFSSL_MFL_2_9 : max_fragment =  512; break;
@@ -3862,6 +3867,11 @@ static int ProcessServerHello(int msgSz, const byte* input, int* sslBytes,
             }
         #endif
             case EXT_SUPPORTED_VERSIONS:
+                if (extLen != 2) {
+                    SetError(SERVER_HELLO_INPUT_STR, error, session,
+                             FATAL_ERROR_STATE);
+                    return WOLFSSL_FATAL_ERROR;
+                }
                 session->sslServer->version.major = input[0];
                 session->sslServer->version.minor = input[1];
                 session->sslClient->version.major = input[0];
diff --git a/src/tls.c b/src/tls.c
@@ -6173,24 +6173,6 @@ int TLSX_AddEmptyRenegotiationInfo(TLSX** extensions, void* heap)
 
 #ifdef HAVE_SESSION_TICKET
 
-#if defined(WOLFSSL_TLS13) || !defined(NO_WOLFSSL_CLIENT)
-static void TLSX_SessionTicket_ValidateRequest(WOLFSSL* ssl)
-{
-    TLSX*          extension = TLSX_Find(ssl->extensions, TLSX_SESSION_TICKET);
-    SessionTicket* ticket    = extension ?
-                                         (SessionTicket*)extension->data : NULL;
-
-    if (ticket) {
-        /* TODO validate ticket timeout here! */
-        if (ticket->lifetime == 0xfffffff) {
-            /* send empty ticket on timeout */
-            TLSX_UseSessionTicket(&ssl->extensions, NULL, ssl->heap);
-        }
-    }
-}
-#endif /* WOLFSSL_TLS13 || !NO_WOLFSSL_CLIENT */
-
-
 static word16 TLSX_SessionTicket_GetSize(SessionTicket* ticket, int isRequest)
 {
     (void)isRequest;
@@ -6369,7 +6351,6 @@ int TLSX_UseSessionTicket(TLSX** extensions, SessionTicket* ticket, void* heap)
     return WOLFSSL_SUCCESS;
 }
 
-#define WOLF_STK_VALIDATE_REQUEST TLSX_SessionTicket_ValidateRequest
 #define WOLF_STK_GET_SIZE         TLSX_SessionTicket_GetSize
 #define WOLF_STK_WRITE            TLSX_SessionTicket_Write
 #define WOLF_STK_PARSE            TLSX_SessionTicket_Parse
@@ -15402,7 +15383,6 @@ int TLSX_GetRequestSize(WOLFSSL* ssl, byte msgType, word32* pLength)
     if (msgType == client_hello) {
         EC_VALIDATE_REQUEST(ssl, semaphore);
         PF_VALIDATE_REQUEST(ssl, semaphore);
-        WOLF_STK_VALIDATE_REQUEST(ssl);
 #if !defined(NO_CERTS) && !defined(WOLFSSL_NO_SIGALG)
         if (WOLFSSL_SUITES(ssl)->hashSigAlgoSz == 0)
             TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_SIGNATURE_ALGORITHMS));
@@ -15579,7 +15559,6 @@ int TLSX_WriteRequest(WOLFSSL* ssl, byte* output, byte msgType, word32* pOffset)
     if (msgType == client_hello) {
         EC_VALIDATE_REQUEST(ssl, semaphore);
         PF_VALIDATE_REQUEST(ssl, semaphore);
-        WOLF_STK_VALIDATE_REQUEST(ssl);
 #if !defined(NO_CERTS) && !defined(WOLFSSL_NO_SIGALG)
         if (WOLFSSL_SUITES(ssl)->hashSigAlgoSz == 0)
             TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_SIGNATURE_ALGORITHMS));
diff --git a/src/tls13.c b/src/tls13.c
@@ -6869,11 +6869,7 @@ int DoTls13ClientHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
 #endif
 
     sessIdSz = input[args->idx++];
-#ifndef WOLFSSL_TLS13_MIDDLEBOX_COMPAT
     if (sessIdSz > ID_LEN)
-#else
-    if (sessIdSz != ID_LEN && sessIdSz != 0)
-#endif
     {
         ERROR_OUT(INVALID_PARAMETER, exit_dch);
     }
diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c
@@ -9641,7 +9641,7 @@ int wc_GetKeyOID(byte* key, word32 keySz, const byte** curveOID, word32* oidSz,
                     WOLFSSL_MSG("Not Dilithium Level 5 DER key");
                 }
             }
-            else {
+            if (*algoID == 0) {
                 WOLFSSL_MSG("GetKeyOID dilithium initialization failed");
             }
             wc_dilithium_free(dilithium);
diff --git a/wolfcrypt/src/chacha20_poly1305.c b/wolfcrypt/src/chacha20_poly1305.c
@@ -119,6 +119,10 @@ int wc_ChaCha20Poly1305_Decrypt(
     if (ret == 0)
         ret = wc_ChaCha20Poly1305_CheckTag(inAuthTag, calculatedAuthTag);
 
+    if (ret != 0) {
+        /* zero plaintext on error */
+        ForceZero(outPlaintext, inCiphertextLen);
+    }
     WC_FREE_VAR_EX(aead, NULL, DYNAMIC_TYPE_TMP_BUFFER);
 
     return ret;

Original file line number	Diff line number	Diff line change
`@@ -591,7 +591,7 @@ int CheckCertCRL_ex(WOLFSSL_CRL* crl, byte* issuerHash, byte* serial,`
`591`	`591`	`if (cbRet == WC_NO_ERR_TRACE(WOLFSSL_CBIO_ERR_WANT_READ)) {`
`592`	`592`	`ret = OCSP_WANT_READ;`
`593`	`593`	`}`
`594`		`- else if (ret >= 0) {`
	`594`	`+ else if (cbRet >= 0) {`
`595`	`595`	`/* try again */`
`596`	`596`	`ret = CheckCertCRLList(crl, issuerHash, serial, serialSz,`
`597`	`597`	`serialHash, &foundEntry);`
Original file line number	Diff line number	Diff line change
`@@ -228,7 +228,7 @@ const QuicTransportParam* QuicTransportParam_new(const uint8_t* data,`
`228`	`228`	`{`
`229`	`229`	`QuicTransportParam* tp;`
`230`	`230`
`231`		`- if (len > 65353) return NULL;`
	`231`	`+ if (len > 65535) return NULL;`
`232`	`232`	`tp = (QuicTransportParam)XMALLOC(sizeof(tp), heap, DYNAMIC_TYPE_TLSX);`
`233`	`233`	`if (!tp) return NULL;`
`234`	`234`	`tp->data = (uint8_t*)XMALLOC(len, heap, DYNAMIC_TYPE_TLSX);`
Original file line number	Diff line number	Diff line change
`@@ -6869,11 +6869,7 @@ int DoTls13ClientHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx,`
`6869`	`6869`	`#endif`
`6870`	`6870`
`6871`	`6871`	`sessIdSz = input[args->idx++];`
`6872`		`-#ifndef WOLFSSL_TLS13_MIDDLEBOX_COMPAT`
`6873`	`6872`	`if (sessIdSz > ID_LEN)`
`6874`		`-#else`
`6875`		`- if (sessIdSz != ID_LEN && sessIdSz != 0)`
`6876`		`-#endif`
`6877`	`6873`	`{`
`6878`	`6874`	`ERROR_OUT(INVALID_PARAMETER, exit_dch);`
`6879`	`6875`	`}`
Original file line number	Diff line number	Diff line change
`@@ -9641,7 +9641,7 @@ int wc_GetKeyOID(byte* key, word32 keySz, const byte** curveOID, word32* oidSz,`
`9641`	`9641`	`WOLFSSL_MSG("Not Dilithium Level 5 DER key");`
`9642`	`9642`	`}`
`9643`	`9643`	`}`
`9644`		`- else {`
	`9644`	`+ if (*algoID == 0) {`
`9645`	`9645`	`WOLFSSL_MSG("GetKeyOID dilithium initialization failed");`
`9646`	`9646`	`}`
`9647`	`9647`	`wc_dilithium_free(dilithium);`