CVE-2021-3634: Create a separate length for session_id

Normally, the length of session_id and secret_hash is the same, but if we will get into rekeying with a peer that changes preference of key exchange algorithm, the new secret hash can be larger or smaller than the previous session_id causing invalid reads or writes. Resolves https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=35485 Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
author: Jakub Jelen <jjelen@redhat.com> 2021-06-23 13:16:33 +0200
committer: Jakub Jelen <jjelen@redhat.com> 2021-08-18 14:16:18 +0200
commit: d3060bc84ed4e160082e819b4d404f76df7c8063 (patch)
tree: ded6214dfa8f9692dce1cfed783e5df4aef8929d /src/wrapper.c
parent: 948bcb773e99139a22adf7be07fb079ab2c3ac5e (diff)
download: libssh-d3060bc84ed4e160082e819b4d404f76df7c8063.tar.gz
libssh-d3060bc84ed4e160082e819b4d404f76df7c8063.tar.xz
libssh-d3060bc84ed4e160082e819b4d404f76df7c8063.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/src/wrapper.c b/src/wrapper.c
index 06fbe5f9..05c820da 100644
--- a/src/wrapper.c
+++ b/src/wrapper.c
@@ -184,7 +184,7 @@ void crypto_free(struct ssh_crypto_struct *crypto)
 #endif
     SAFE_FREE(crypto->dh_server_signature);
     if (crypto->session_id != NULL) {
-        explicit_bzero(crypto->session_id, crypto->digest_len);
+        explicit_bzero(crypto->session_id, crypto->session_id_len);
         SAFE_FREE(crypto->session_id);
     }
     if (crypto->secret_hash != NULL) {
author	Jakub Jelen <jjelen@redhat.com>	2021-06-23 13:16:33 +0200
committer	Jakub Jelen <jjelen@redhat.com>	2021-08-18 14:16:18 +0200
commit	d3060bc84ed4e160082e819b4d404f76df7c8063 (patch)
tree	ded6214dfa8f9692dce1cfed783e5df4aef8929d /src/wrapper.c
parent	948bcb773e99139a22adf7be07fb079ab2c3ac5e (diff)
download	libssh-d3060bc84ed4e160082e819b4d404f76df7c8063.tar.gz libssh-d3060bc84ed4e160082e819b4d404f76df7c8063.tar.xz libssh-d3060bc84ed4e160082e819b4d404f76df7c8063.zip