Struct corruption in der_decode_sequence_flexi.c

[stevemit]

Prerequisites

• [x] Checked the developer manual
• [x] Checked that your issue isn't already filed: https://github.com/issues?utf8=✓&q=repo%3Alibtom%2Flibtomcrypt
• [x] Checked that your issue isn't due to the fact that you're using asymmetric cryptography and you forgot linking in and/or setting an MPI provider (usually this causes either random crashes or runtime errors like LTC_ARGCHK 'ltc_mp.name != NULL' failure ...). c.f. Ch. "Math Descriptors" of the developer manual.
• [x] Checked that your issue isn't related to TomsFastMath's limitation that PK operations can by default only be done with max. 2048bit keys

Description

Inspecting der_decode_sequence_flexi.c at line 152, when parsing an INTEGER we have

             if ((err = mp_init(&l->data)) != CRYPT_OK) {
                 goto error;
             }

The function mp_init writes to an mp_int structure, but l->data is just a void*. This trashes the fields following data in the ltc_asn1_list struct.

Steps to Reproduce

Code inspection.

Version

1.18.2

Additional Information

A fix would be to point data to an allocated mp_int buffer, and then to free it in der_sequence_free.c.

[sjaeckel]

mp_init() is not the mp_init() you're assuming, but

https://github.com/libtom/libtomcrypt/blob/fae62af0ab16f469c2512ec04575dd60ca018657/src/headers/tomcrypt_private.h#L145

which in turn is MPI provider specific and for LTM declared here:

https://github.com/libtom/libtomcrypt/blob/fae62af0ab16f469c2512ec04575dd60ca018657/src/math/ltm_desc.c#L56-L69

This init() then calls init_mpi() which allocates the struct you're expecting to be corrupted.

https://github.com/libtom/libtomcrypt/blob/fae62af0ab16f469c2512ec04575dd60ca018657/src/math/ltm_desc.c#L44-L54

This references the current state of the develop branch and not the latest release, but the mechanism is still the same.

Please re-open if this doesn't fix this for you.

[stevemit]

Thanks for the quick response.