Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix use-after-free and double-free bugs on ECDH keys #46

Merged
merged 2 commits into from
Jan 23, 2023
Merged

Fix use-after-free and double-free bugs on ECDH keys #46

merged 2 commits into from
Jan 23, 2023

Conversation

qmuntal
Copy link
Member

@qmuntal qmuntal commented Jan 20, 2023

This PR fixes a couple of memory issues produced when calling PrivateKeyECDH.PublicKey().

The underlying problem is that this method creates a public key that shares the same OpenSSL EVP_PKEY instance with the private key. This EVP_KEY is freed when any of the keys is garbage collected, leaving the other key with an invalid EVP_PKEY that will probably crash the application when it is used.

I've also improved the test pipeline so it has more chances to detect this memory bugs.

@qmuntal qmuntal mentioned this pull request Jan 20, 2023
Closed
dagood
dagood approved these changes Jan 20, 2023
View reviewed changes
Copy link
Member

@dagood dagood left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just suggestions about the comments. 👍

openssl/ecdh.go Outdated Show resolved Hide resolved
openssl/ecdh.go
// This also ensures that priv is not finalized meanwhile
// the public key is alive.
//
// We could avoid this altogether if using EVP_PKEY_up_ref
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
// We could avoid this altogether if using EVP_PKEY_up_ref
// We could avoid this altogether by using EVP_PKEY_up_ref

.github/workflows/test.yml Outdated Show resolved Hide resolved
@qmuntal qmuntal merged commit ba9bc7f into main Jan 23, 2023
@qmuntal qmuntal deleted the ecdh-free branch January 23, 2023 09:32
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dagood dagood dagood approved these changes

@chsienki chsienki chsienki approved these changes

@jaredpar jaredpar Awaiting requested review from jaredpar

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@qmuntal @dagood @chsienki