Re: KASAN: stack-out-of-bounds Write in sha3_update

From: Eric Biggers
Date: Tue Nov 28 2017 - 15:58:56 EST


On Tue, Nov 28, 2017 at 05:23:01AM -0800, syzbot wrote:
> Hello,
>
> syzkaller hit the following crash on
> 1ea8d039f9edcfefb20d8ddfe136930f6e551529
> git://git.cmpxchg.org/linux-mmots.git/master
> compiler: gcc (GCC) 7.1.1 20170620
> .config is attached
> Raw console output is attached.
> C reproducer is attached
> syzkaller reproducer is attached. See https://goo.gl/kgGztJ
> for information about syzkaller reproducers
>
>
> ==================================================================
> BUG: KASAN: stack-out-of-bounds in memcpy include/linux/string.h:341
> [inline]
> BUG: KASAN: stack-out-of-bounds in sha3_update+0xdf/0x2e0
> crypto/sha3_generic.c:161
> Write of size 4096 at addr ffff8801cca07c40 by task syzkaller076574/3044
>

Here's a fix for this bug, though it's a bit messy due to having to export
shash_no_setkey(). Herbert, can you review this, and if you are okay with it
send it to Linus soon? This bug is exploitable on some systems.

By the way, I notice there are also users of the shash or ahash API that don't
check whether the transform requires a key or not, for example
KEYCTL_DH_COMPUTE. Perhaps it would also be a good idea to keep track of the
unkeyed/needs_key/keyed state in the 'struct crypto_tfm' so that
crypto_shash_init() and crypto_ahash_init() can validate the correct state.

---8<---
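The unkeyed/needs_key/keyed tracking Eric suggests above, as an added example that is neither his patch nor kernel code: a small C model in which allocation records whether the algorithm is keyed, setkey moves the state to keyed only on success, and init refuses a keyed transform that never got a valid key. All names (`model_tfm`, `hmac_like_setkey`, `init_result(keyed_alg, key_len)` with `key_len` at most 40) are invented for the model, and a NULL setkey stands in for the kernel's shash_no_setkey() stub.

```c
#include <errno.h>
#include <string.h>
#ifndef ENOKEY
#define ENOKEY 126 /* Linux value; fallback only for non-Linux builds */
#endif
/* Hypothetical model (not kernel code); setkey == NULL marks an unkeyed algorithm. */
enum tfm_key_state { TFM_UNKEYED, TFM_NEEDS_KEY, TFM_KEYED };
typedef int (*setkey_fn)(unsigned char *keybuf, const unsigned char *key, size_t len);
struct model_tfm {
	setkey_fn setkey;
	enum tfm_key_state state;
	unsigned char keybuf[32];
};

static int hmac_like_setkey(unsigned char *keybuf, const unsigned char *key, size_t len)
{
	if (len > 32) return -EINVAL; /* reject keys that do not fit keybuf */
	memcpy(keybuf, key, len);
	return 0;
}

/* Allocation derives the initial state from whether the algorithm is keyed. */
void model_tfm_alloc(struct model_tfm *tfm, setkey_fn setkey)
{
	tfm->setkey = setkey;
	tfm->state = setkey ? TFM_NEEDS_KEY : TFM_UNKEYED;
}

int model_tfm_setkey(struct model_tfm *tfm, const unsigned char *key, size_t len)
{
	int err = tfm->setkey ? tfm->setkey(tfm->keybuf, key, len) : -ENOSYS;
	/* Unkeyed: state untouched. Keyed: a failed setkey keeps the tfm unusable. */
	if (err != -ENOSYS)
		tfm->state = err ? TFM_NEEDS_KEY : TFM_KEYED;
	return err;
}

/* The validation Eric suggests: init refuses a keyed transform that has no key. */
int model_tfm_init(const struct model_tfm *tfm)
{
	return tfm->state == TFM_NEEDS_KEY ? -ENOKEY : 0;
}

int init_result(int keyed_alg, size_t key_len)
{
	struct model_tfm tfm;
	model_tfm_alloc(&tfm, keyed_alg ? hmac_like_setkey : NULL);
	if (key_len) /* constructed 40-byte sample key; key_len 0 skips setkey */
		model_tfm_setkey(&tfm, (const unsigned char *)"constructed-sample-key-of-forty-bytes!!!", key_len);
	return model_tfm_init(&tfm);
}
```

A plain hash initialises without a key, a keyed transform is rejected both when setkey was never called and when it was called with an invalid key, and is accepted only once a valid key is set.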