From patchwork Mon Mar 2 14:20:39 2026
X-Patchwork-Submitter: Gert Doering
X-Patchwork-Id: 4785
From: Gert Doering
To: openvpn-devel@lists.sourceforge.net
Date: Mon, 2 Mar 2026 15:20:39 +0100
Message-ID: <20260302142045.5954-1-gert@greenie.muc.de>
X-Mailer: git-send-email 2.52.0
Subject: [Openvpn-devel] [PATCH v1] Avoid unbounded allocations in pkcs11_mbedtls.c
From: Max Fillinger The PKCS#11 provider can crash OpenVPN by making it try to allocate 2^64 bytes for a certificate. To avoid this, set a maximum size for certificates. If the size is exceeded, don't try to allocate memory and instead exit pkcs11_get_x509_cert with an error. The chosen maximum size is 100.000 bytes which is twice the size of a SLH-DSA (aka SPHINCS+) signature. Found-by: ZeroPath (https://zeropath.com/) Reported-by: Joshua Rogers Github: closes OpenVPN/openvpn-private-issues#42 Change-Id: I53d47e4a0d33c380ee95e0e33aecad3db3197940 Signed-off-by: Max Fillinger Acked-by: Arne Schwabe Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1549 --- This change was reviewed on Gerrit and approved by at least one developer. I request to merge it to master. Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1549 This mail reflects revision 1 of this Change. Acked-by according to Gerrit (reflected above): Arne Schwabe diff --git a/src/openvpn/pkcs11_mbedtls.c b/src/openvpn/pkcs11_mbedtls.c index 66aefac..bf9d953 100644 --- a/src/openvpn/pkcs11_mbedtls.c +++ b/src/openvpn/pkcs11_mbedtls.c @@ -42,6 +42,16 @@ static bool pkcs11_get_x509_cert(pkcs11h_certificate_t pkcs11_cert, mbedtls_x509_crt *cert) { + /* We set a maximum size for certificates so that the PKCS provider cannot crash OpenVPN by + * making it try to allocate 2^64 bytes. The maximum of 100.000 bytes is picked as a round + * number that easily accomodates the currently standardized quantum-safe signature algorithms. + * It is twice the size of a SLH-DSA (aka SPHINCS+) signature plus public key. + * + * However, there are additional digital signature schemes currently on the NIST on-ramp + * (e.g., some parameter settings for LESS) that have even larger public keys or signatures, so + * if those ever see use on smartcards, we will need to increase this number. */ + const size_t max_cert_size = 100000; + unsigned char *cert_blob = NULL; size_t cert_blob_size = 0; bool ret = false; 
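Review bot: the new comment block has a typo ("accomodates" should be "accommodates") and writes the limit as "100.000 bytes", which a reader of C source can take for 100 bytes with a decimal point; the literal right below it is `100000`, so spell it "100,000" or "100000" in the comment so the two agree. Since the comment itself says the limit will have to grow if larger NIST on-ramp schemes (the LESS example given) reach smartcards, consider hoisting `const size_t max_cert_size = 100000;` to a file-scope `#define` so the number is discoverable and adjustable without reading the body of `pkcs11_get_x509_cert`.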
@@ -52,6 +62,12 @@ goto cleanup; } + if (cert_blob_size > max_cert_size) + { + msg(M_WARN, "PKCS#11: Certificate too large: %lu bytes, maximum is %lu", cert_blob_size, max_cert_size); + goto cleanup; + } + check_malloc_return((cert_blob = calloc(1, cert_blob_size))); if (pkcs11h_certificate_getCertificateBlob(pkcs11_cert, cert_blob, &cert_blob_size) != CKR_OK) {
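Review bot: the `msg(M_WARN, ...)` call formats two `size_t` values, `cert_blob_size` and `max_cert_size`, with `%lu`; `size_t` is not `unsigned long` on every target (on 64-bit Windows `unsigned long` is 32 bits while `size_t` is 64), so this is a type mismatch and will draw `-Wformat` warnings there. Use `%zu` for both, or cast each argument to `unsigned long` explicitly. The check itself sits in the right place, ahead of `check_malloc_return((cert_blob = calloc(1, cert_blob_size)))`, so an oversized `cert_blob_size` reported by the provider is rejected before any allocation is attempted, which is the fix the commit message describes.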