mirror/lwip
1
0
Fork 0
mirror of https://github.com/lwip-tcpip/lwip.git synced 2024-11-04 14:29:39 +00:00
Code Issues Packages Projects Releases Wiki Activity

Introduce constant-time memcmp and use it for snmpv3_get_engine_boots

Browse Source 
See #65118
This commit is contained in:
Simon Goldschmidt 2024-01-09 21:14:49 +01:00
parent 09d929f7ff
commit 25de99d1c1
3 changed files with 34 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/apps/snmp/snmp_msg.c
View File

@ -1058,7 +1058,7 @@ snmp_parse_inbound_frame(struct snmp_request *request)
IF_PARSE_EXEC(snmpv3_get_user((char *)request->msg_user_name, &auth, key, NULL, NULL));
IF_PARSE_EXEC(snmpv3_auth(&auth_stream, request->inbound_pbuf->tot_len, key, auth, hmac));
if (memcmp(request->msg_authentication_parameters, hmac, SNMP_V3_MAX_AUTH_PARAM_LENGTH)) {
if (lwip_memcmp_consttime(request->msg_authentication_parameters, hmac, SNMP_V3_MAX_AUTH_PARAM_LENGTH)) {
snmp_stats.wrongdigests++;
request->msg_flags = SNMP_V3_NOAUTHNOPRIV;
request->error_status = SNMP_ERR_AUTHORIZATIONERROR;

23
src/core/def.c
View File

@ -261,3 +261,26 @@ lwip_itoa(char *result, size_t bufsize, int number)
memmove(res, tmp, (size_t)((result + bufsize) - tmp));
}
#endif
#ifndef lwip_memcmp_consttime
/**
* @ingroup sys_nonstandard
* The goal of this function is to compare memory with constant runtime in order to prevent
* timing attacks to various parts in the stack.
* To do that, in contrast to memcmp(), it only returns:
* 0: equal
* != 0: not equal
*/
int lwip_memcmp_consttime(const void* s1, const void* s2, size_t len)
{
size_t i;
const unsigned char* a1 = s1;
const unsigned char* a2 = s2;
unsigned char ret = 0;
for (i = 0; i < len; i++) {
ret |= a1[i] ^ a2[i];
}
return ret;
}
#endif

10
src/include/lwip/def.h
View File

@ -148,6 +148,16 @@ char* lwip_strnstr(const char* buffer, const char* token, size_t n);
/* This can be #defined to strnistr() depending on your platform */
char* lwip_strnistr(const char* buffer, const char* token, size_t n);
#endif
#ifndef lwip_memcmp_consttime
/* This could be #defined to something existing on your platform
* The goal of this function is to compare memory with constant runtime in order to prevent
* timing attacks to various parts in the stack.
* To do that, in contrast to memcmp(), it only returns:
* 0: equal
* != 0: not equal
*/
int lwip_memcmp_consttime(const void* s1, const void* s2, size_t len);
#endif
#ifdef __cplusplus
}