
Crash caused by double free in SSL and DTLS servers #2559

@cve-reporting

The WolfSSL example server in all versions starting from 3.12.0 (including the current 4.2.0c) incorrectly handles the error when the server certificate cannot be read from a given path.
This vulnerability affects the server in both supported protocols: TLS and DTLS.

Crashing function:
examples/server/server.c:2165-2197

{
    byte*  rnd;
    byte*  pt;
    size_t size;

    /* get size of buffer then print */
    size = wolfSSL_get_server_random(NULL, NULL, 0);
    if (size == 0) {
        err_sys_ex(runWithErrors, "error getting server random buffer size");
    }

    rnd = (byte*)XMALLOC(size, NULL, DYNAMIC_TYPE_TMP_BUFFER);
    if (rnd == NULL) {
        err_sys_ex(runWithErrors, "error creating server random buffer");
    }

    size = wolfSSL_get_server_random(ssl, rnd, size);
    if (size == 0) {
        XFREE(rnd, NULL, DYNAMIC_TYPE_TMP_BUFFER); /* line 2183 */
        err_sys_ex(runWithErrors, "error getting server random buffer");
    }

    printf("Server Random : ");
    pt = rnd;
    if (pt != NULL) {
        for (pt = rnd; pt < rnd + size; pt++) printf("%02X", *pt);
        printf("\n");
    } else {
        err_sys_ex(runWithErrors, "error: attempted to dereference null "
                                                               "pointer");
    }
    XFREE(rnd, NULL, DYNAMIC_TYPE_TMP_BUFFER); /* line 2196 */
}

Buffer rnd is freed at line 2183 and then freed again on line 2196.


Crash message on SSL server (with ASAN):

./examples/server/server -p 4433 -b -x -c s
wolfSSL error: can't load server cert file, check file and run from wolfSSL home dir
Continuing server execution...

wolfSSL error: unable to get SSL
Continuing server execution...

wolfSSL error: unable to enable CRL
Continuing server execution...

wolfSSL error: unable to load CRL
Continuing server execution...

wolfSSL error: unable to set CRL callback url
Continuing server execution...

wolfSSL error: error in setting fd
Continuing server execution...

SSL_accept error -173, Bad function argument
wolfSSL error: SSL_accept failed
Continuing server execution...

peer has no cert!
SSL version is unknown
SSL cipher suite is (null)
wolfSSL error: SSL in error state
Continuing server execution...

wolfSSL error: error getting server random buffer
Continuing server execution...

Server Random :
==1249==ERROR: AddressSanitizer: attempting double-free on 0x60300000e9e0 in thread T0:
#0 0x7f78a10822ca in __interceptor_free (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x982ca)
#1 0x40f47c in server_test examples/server/server.c:2196
#2 0x405851 in main examples/server/server.c:2434
#3 0x7f78a014882f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)
#4 0x405a68 in _start (wolfssl-4.2.0c_ASAN/examples/server/.libs/lt-server+0x405a68)

0x60300000e9e0 is located 0 bytes inside of 32-byte region [0x60300000e9e0,0x60300000ea00)
freed by thread T0 here:
#0 0x7f78a10822ca in __interceptor_free (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x982ca)
#1 0x411157 in server_test examples/server/server.c:2183

previously allocated by thread T0 here:
#0 0x7f78a1082602 in malloc (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x98602)
#1 0x40ef4e in server_test examples/server/server.c:2176

SUMMARY: AddressSanitizer: double-free ??:0 __interceptor_free
==1249==ABORTING


Crash message on SSL server (without ASAN):

./examples/server/server -p 4433 -b -x -c s
wolfSSL error: can't load server cert file, check file and run from wolfSSL home dir
Continuing server execution...

wolfSSL error: unable to get SSL
Continuing server execution...

wolfSSL error: unable to enable CRL
Continuing server execution...

wolfSSL error: unable to load CRL
Continuing server execution...

wolfSSL error: unable to set CRL callback url
Continuing server execution...

wolfSSL error: error in setting fd
Continuing server execution...

SSL_accept error -173, Bad function argument
wolfSSL error: SSL_accept failed
Continuing server execution...

peer has no cert!
SSL version is unknown
SSL cipher suite is (null)
wolfSSL error: SSL in error state
Continuing server execution...

wolfSSL error: error getting server random buffer
Continuing server execution...

Server Random :
*** Error in `wolfssl-4.2.0c/examples/server/.libs/lt-server': double free or corruption (fasttop): 0x00000000006b8220 ***
======= Backtrace: =========
/lib/x86_64-linux-gnu/libc.so.6(+0x777e5)[0x7ff807e5c7e5]
/lib/x86_64-linux-gnu/libc.so.6(+0x8037a)[0x7ff807e6537a]
/lib/x86_64-linux-gnu/libc.so.6(cfree+0x4c)[0x7ff807e6953c]
wolfssl-4.2.0c/examples/server/.libs/lt-server[0x4076f1]
wolfssl-4.2.0c/examples/server/.libs/lt-server[0x404b31]
/lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xf0)[0x7ff807e05830]
wolfssl-4.2.0c/examples/server/.libs/lt-server[0x404ba9]
Aborted


Crash message on DTLS server (with ASAN):

./examples/server/server -u -p 4433 -b -x -c s
wolfSSL error: can't load server cert file, check file and run from wolfSSL home dir
Continuing server execution...

wolfSSL error: unable to get SSL
Continuing server execution...

wolfSSL error: unable to enable CRL
Continuing server execution...

wolfSSL error: unable to load CRL
Continuing server execution...

wolfSSL error: unable to set CRL callback url
Continuing server execution...

wolfSSL error: error in setting fd
Continuing server execution...

SSL_accept error -173, Bad function argument
wolfSSL error: SSL_accept failed
Continuing server execution...

peer has no cert!
SSL version is unknown
SSL cipher suite is (null)
wolfSSL error: SSL in error state
Continuing server execution...

wolfSSL error: error getting server random buffer
Continuing server execution...

Server Random :
==29445==ERROR: AddressSanitizer: attempting double-free on 0x60300000e9e0 in thread T0:
#0 0x7f5940ab72ca in __interceptor_free (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x982ca)
#1 0x40f47c in server_test examples/server/server.c:2196
#2 0x405851 in main examples/server/server.c:2434
#3 0x7f593fb7d82f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)
#4 0x405a68 in _start (wolfssl-4.2.0c_ASAN/examples/server/.libs/lt-server+0x405a68)

0x60300000e9e0 is located 0 bytes inside of 32-byte region [0x60300000e9e0,0x60300000ea00)
freed by thread T0 here:
#0 0x7f5940ab72ca in __interceptor_free (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x982ca)
#1 0x411157 in server_test examples/server/server.c:2183

previously allocated by thread T0 here:
#0 0x7f5940ab7602 in malloc (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x98602)
#1 0x40ef4e in server_test examples/server/server.c:2176

SUMMARY: AddressSanitizer: double-free ??:0 __interceptor_free
==29445==ABORTING


Crash message on DTLS server (without ASAN):

./examples/server/server -u -p 4433 -b -x -c s
wolfSSL error: can't load server cert file, check file and run from wolfSSL home dir
Continuing server execution...

wolfSSL error: unable to get SSL
Continuing server execution...

wolfSSL error: unable to enable CRL
Continuing server execution...

wolfSSL error: unable to load CRL
Continuing server execution...

wolfSSL error: unable to set CRL callback url
Continuing server execution...

wolfSSL error: error in setting fd
Continuing server execution...

SSL_accept error -173, Bad function argument
wolfSSL error: SSL_accept failed
Continuing server execution...

peer has no cert!
SSL version is unknown
SSL cipher suite is (null)
wolfSSL error: SSL in error state
Continuing server execution...

wolfSSL error: error getting server random buffer
Continuing server execution...

Server Random :
*** Error in `wolfssl-4.2.0c/examples/server/.libs/lt-server': double free or corruption (fasttop): 0x00000000009e0220 ***
======= Backtrace: =========
/lib/x86_64-linux-gnu/libc.so.6(+0x777e5)[0x7f83210b77e5]
/lib/x86_64-linux-gnu/libc.so.6(+0x8037a)[0x7f83210c037a]
/lib/x86_64-linux-gnu/libc.so.6(cfree+0x4c)[0x7f83210c453c]
wolfssl-4.2.0c/examples/server/.libs/lt-server[0x4076f1]
wolfssl-4.2.0c/examples/server/.libs/lt-server[0x404b31]
/lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xf0)[0x7f8321060830]
wolfssl-4.2.0c/examples/server/.libs/lt-server[0x404ba9]
Aborted


Reproduction:

  1. Download and compile WolfSSL version 3.12.0 or later.
  2. Execute one of the following commands (there should be no file cert.pem in the current directory):

(for SSL server)
./examples/server/server -p 4433 -b -x -c cert.pem

(for DTLS server)
./examples/server/server -u -p 4433 -b -x -c cert.pem

  3. Connect to the SSL or DTLS server from another device.
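
The error-path pattern described in this report, reduced to a stand-alone program. This is an added example, not wolfSSL code and not the project's fix: `slot_alloc`, `slot_free`, `report_error`, `fill_random` and `print_random` are hypothetical stand-ins, and the allocator only counts releases so the second free can be observed without corrupting the heap. The hardened branch clears the pointer after the early free, which is one possible correction.

```c
#include <stdio.h>
#include <string.h>

/* Constructed one-slot allocator: counts releases instead of touching the heap. */
static unsigned char pool[32];
static int free_count;

static void *slot_alloc(void) { free_count = 0; return pool; }
static void slot_free(void *p) { if (p != NULL) free_count++; } /* NULL is a no-op */

/* Non-fatal handler, like err_sys_ex() when runWithErrors is set: it returns. */
static void report_error(const char *msg) { fprintf(stderr, "error: %s\n", msg); }

/* Constructed stand-in for the failing call: yields 0 bytes when fail != 0. */
static size_t fill_random(unsigned char *buf, size_t len, int fail)
{
    if (fail) return 0;
    memset(buf, 0xAB, len);
    return len;
}

/* hardened == 0: pattern from the report (early free, then fall through).
 * hardened == 1: pointer cleared after the early free.
 * Returns how many times the buffer was released. */
static int print_random(int hardened, int fail)
{
    size_t size = sizeof(pool), i;
    unsigned char *rnd = slot_alloc();

    size = fill_random(rnd, size, fail);
    if (size == 0) {
        slot_free(rnd);                  /* first release, on the error branch */
        if (hardened) rnd = NULL;        /* makes the later release a no-op */
        report_error("error getting random buffer"); /* execution continues */
    }
    printf("Random : ");
    for (i = 0; i < size; i++) printf("%02X", rnd[i]); /* skipped when size == 0 */
    printf("\n");
    slot_free(rnd);                      /* shared release at function exit */
    return free_count;
}

int main(void)
{
    printf("releases on failure, report pattern: %d\n", print_random(0, 1));
    printf("releases on failure, hardened:       %d\n", print_random(1, 1));
    return 0;
}
```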
