Skip to content

Fix heap buffer overflow in BundlePacket #775

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
devin-ai-integration wants to merge 1 commit into from
Closed

Fix heap buffer overflow in BundlePacket #775

devin-ai-integration wants to merge 1 commit into from

Conversation

@devin-ai-integration
Copy link
Contributor

@devin-ai-integration devin-ai-integration bot commented Feb 17, 2025

This PR fixes a heap buffer overflow in BundlePacket that was detected by AddressSanitizer.

The issue occurred when writing padding bytes without proper bounds checking. The fix:

  1. Increases padding size allocation in PreparePacket to ensure enough space for worst-case scenarios
  2. Adds explicit bounds checking before writing padding
  3. Improves error handling and logging

Stack trace of the original issue:

==408==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x507000000065
WRITE of size 11 at 0x507000000065 thread T0
    #0 0x564cf43ca334 in __asan_memset
    #1 0x564cf442e2a7 in BundlePacket wolfssh/src/internal.c:10113:13
    #2 0x564cf4444167 in SendUserAuthRequest wolfssh/src/internal.c:14868:19

Link to Devin run: https://app.devin.ai/sessions/09306447f6034de789ee35da39734150
Requested by: [email protected]

@devin-ai-integration @JacobBarthelmeh
Fix heap buffer overflow in BundlePacket
1f8a2b8 
The heap buffer overflow occurred when writing padding in BundlePacket.
This fix:
1. Increases padding size allocation in PreparePacket
2. Adds explicit bounds checking before writing padding
3. Improves error handling and logging

Fix for AddressSanitizer error in BundlePacket at line 10113.

Co-Authored-By: [email protected] <[email protected]>
@devin-ai-integration
Copy link
Contributor Author

devin-ai-integration bot commented Feb 17, 2025

🤖 Devin AI Engineer

I'll be helping with this pull request! Here's what you should know:

✅ I will automatically:

  • Address comments on this PR. Add "(aside)" to your comment to have me ignore it.
  • Look at CI failures and help fix them

Note: I can only respond to comments from users who have write access to this repository.

⚙️ Control Options:

  • Disable automatic comment and CI monitoring

@wolfSSL-Bot
Copy link

wolfSSL-Bot commented Feb 17, 2025

Can one of the admins verify this patch?

@JacobBarthelmeh JacobBarthelmeh self-assigned this Feb 17, 2025
@ejohnstown ejohnstown deleted the devin/1739808898-fix-bundle-packet-overflow branch June 12, 2025 18:14
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@JacobBarthelmeh JacobBarthelmeh

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@wolfSSL-Bot @JacobBarthelmeh