Invalid read reported by valgrind in call to gcry_kdf_derive
Jussi Kivilinna
jussi.kivilinna at iki.fi
Wed Feb 3 17:15:21 CET 2021
Hello,
On 3.2.2021 15.09, Guido Vranken via Gcrypt-devel wrote:
> Tested on the latest repository checkout.
>
> ==17149== Invalid read of size 32
> ==17149== at 0x525B90: ??? (sha256-avx2-bmi2-amd64.S:307)
> ==17149== by 0x4F7777: _gcry_md_block_write (hash-common.c:176)
> ==17149== by 0x480B8F: _gcry_sha256_hash_buffer (sha256.c:639)
> ==17149== by 0x45B412: prepare_macpads (md.c:962)
> ==17149== by 0x45B412: _gcry_md_setkey (md.c:1034)
> ==17149== by 0x456C09: _gcry_kdf_pkdf2 (kdf.c:185)
> ==17149== by 0x477DB7: _gcry_kdf_scrypt (scrypt.c:306)
> ==17149== by 0x429362: gcry_kdf_derive (visibility.c:1312)
> ==17149== by 0x42497A: main (libgcrypt_scrypt_oob_read.c:23)
> ==17149== Address 0x6025300 is 6 bytes after a block of size 90 alloc'd
> ==17149== at 0x4C31B0F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
> ==17149== by 0x4248DB: main (libgcrypt_scrypt_oob_read.c:15)
>
> Found by Cryptofuzz running on OSS-Fuzz.
>
Thanks for reporting. I'll be posting patch to mailing-list soon.
-Jussi
More information about the Gcrypt-devel
mailing list