Skip to content
  • Alexander Færøy's avatar
    Fix out-of-bound memory read in `tor_tls_cert_matches_key()` for NSS. · b46984e9
    Alexander Færøy authored and Nick Mathewson's avatar Nick Mathewson committed
    This patch fixes an out-of-bound memory read in
    `tor_tls_cert_matches_key()` when Tor is compiled to use Mozilla's NSS
    instead of OpenSSL.
    
    The NSS library stores some length fields in bits instead of bytes, but
    the comparison function found in `SECITEM_ItemsAreEqual()` needs the
    length to be encoded in bytes. This means that for a 140-byte,
    DER-encoded, SubjectPublicKeyInfo struct (with a 1024-bit RSA public key
    in it), we would ask `SECITEM_ItemsAreEqual()` to compare the first 1120
    bytes instead of 140 (140bytes * 8bits = 1120bits).
    
    This patch fixes the issue by converting from bits to bytes before
    calling `SECITEM_ItemsAreEqual()` and convert the `len`-fields back to
    bits before we leave the function.
    
    This patch is part of the fix for TROVE-2020-001.
    
    See: https://bugs.torproject.org/33119
    b46984e9