cossacklabs / themis / #7759
88%
master: 83%

LAST BUILD BRANCH: release/0.15.0
DEFAULT BRANCH: master
Ran
Jobs 1
Files 73
Run time 14s
Badge
Embed ▾
README BADGES
x

If you need to use a raster PNG badge, change the '.svg' to '.png' in the link

Markdown

Textile

RDoc

HTML

Rst
coverage: 87.712%. Remained the same
#7759

push

travis-ci

web-flow 
Avoid overflows on 32-bit systems (#677)

* Avoid overflows in Secure Cell

Themis Core C API works with buffer sizes expressed as "size_t" while
in Go lengths are expressed as "int". Themis containers can typically
contain up to 4 GB of data with internal length fields using "uint32_t".

On typical 64-bit systems this does not cause overflows since uint32_t
fits into both Go's int and C's size_t. However, on 32-bit system this
can cause overflows. There, size_t is unsigned 32-bit value identical to
uint32_t while int is 32-bit signed value, so the size may not fit into
Go's size range.

We can't do anything about that. On 32-bit systems the buffer sizes are
typically limited to 2 GB anyway due to the way memory is distributed.
However, if the overflow happens, Go will panic when trying to allocate
(effectively) negatively-sized arrays. We should return an error instead.

Add size checks before casting "C.size_t" into "int" and return an error
if the size will overflow. Do this for all API, both new and old.

Normally, Themis is not used to encrypt real 2+ GB messages, but this
condition can easily happen if the data has been corrupted where the
length field is stored. We don't want this to be a source of DOS attacks.

* Reenable tests for corrupted data

The panic condition has been originally detected by a couple of tests
for Secure Cell's Token Protect mode which has the stars properly
aligned for the issue to be visible. Now that the issue is fixed, we can
enable these tests for 32-bit machines again.

* Avoid overflows in Secure Compartor
* Avoid overflows in key generation
* Avoid overflows in Secure Message
* Avoid overflows in Secure Session

Just like Secure Cell, add more checks to other cryptosystems as well.
Unfortunately, we have to duplicate the size check utility. GoThemis
does not have a common utility module, and even if it did, it would not
work due to the way CGo is implemented ("C.size_t" is a... (continued)

3776 of 4305 relevant lines covered (87.71%)

19293.71 hits per line

Jobs
ID Job ID Ran Files Coverage
1 #7759.1 0
87.71
Source Files on build #7759
Detailed source file information is not available for this build.