From 3de4392234241ae91300854264864da213a49b10 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Eivind=20N=C3=A6ss?= <eivnaes@yahoo.com>
Date: Sun, 5 Mar 2023 23:03:13 -0800
Subject: [PATCH] Fix out-of-bounds accesses to ZPasswordHash arrays (#395)
MIME-Version: 1.0
Content-Type: text/plain; charset=utf8
Content-Transfer-Encoding: 8bit

* Add 'const' parameter to input arguments in crypto_ms.*

* Round ZPasswordHash buffers up to 24 bytes, as the DES MakeKey() function
  accesses ZPasswordHash[21]

Closes github issue #392

[paulus@ozlabs.org - tidied up headline and commit message]

Signed-off-by: Eivind Næss <eivnaes@yahoo.com>
---
 pppd/chap_ms.c   |  2 +-
 pppd/crypto_ms.c | 10 +++++-----
 pppd/crypto_ms.h | 12 ++++++------
 3 files changed, 12 insertions(+), 12 deletions(-)

diff --git a/pppd/chap_ms.c b/pppd/chap_ms.c
index c34b6aa..d1e0cf8 100644
--- a/pppd/chap_ms.c
+++ b/pppd/chap_ms.c
@@ -509,7 +509,7 @@ ChallengeResponse(u_char *challenge,
 		  u_char *PasswordHash,
 		  u_char *response)
 {
-    u_char ZPasswordHash[21];
+    u_char ZPasswordHash[24];
     PPP_CIPHER_CTX *ctx;
 
     BZERO(ZPasswordHash, sizeof(ZPasswordHash));
diff --git a/pppd/crypto_ms.c b/pppd/crypto_ms.c
index 81f3a76..a9ddd5f 100644
--- a/pppd/crypto_ms.c
+++ b/pppd/crypto_ms.c
@@ -125,7 +125,7 @@ MakeKey(const unsigned char *key, unsigned char *des_key)
 #include <openssl/evp.h>
 
 int
-DesEncrypt(unsigned char *clear, unsigned char *key, unsigned char *cipher)
+DesEncrypt(const unsigned char *clear, const unsigned char *key, unsigned char *cipher)
 {
     int retval = 0;
     unsigned int clen = 0;
@@ -154,7 +154,7 @@ DesEncrypt(unsigned char *clear, unsigned char *key, unsigned char *cipher)
 }
 
 int
-DesDecrypt(unsigned char *cipher, unsigned char *key, unsigned char *clear)
+DesDecrypt(const unsigned char *cipher, const unsigned char *key, unsigned char *clear)
 {
     int retval = 0;
     unsigned int clen = 0;
@@ -196,10 +196,10 @@ int test_encrypt()
         0xD0, 0x2E, 0x43, 0x86, 0xBC, 0xE9, 0x12, 0x26
     };  
 
-    unsigned char ZPasswordHash[21] = { 
+    unsigned char ZPasswordHash[24] = {
         0x44, 0xEB, 0xBA, 0x8D, 0x53, 0x12, 0xB8, 0xD6,
         0x11, 0x47, 0x44, 0x11, 0xF5, 0x69, 0x89, 0xAE
-    };  
+    };
 
     unsigned char expected[24] = { 
         0x82, 0x30, 0x9E, 0xCD, 0x8D, 0x70, 0x8B, 0x5E, 
@@ -222,7 +222,7 @@ int test_decrypt()
         0xD0, 0x2E, 0x43, 0x86, 0xBC, 0xE9, 0x12, 0x26
     };
 
-    unsigned char ZPasswordHash[21] = {
+    unsigned char ZPasswordHash[24] = {
         0x44, 0xEB, 0xBA, 0x8D, 0x53, 0x12, 0xB8, 0xD6,
         0x11, 0x47, 0x44, 0x11, 0xF5, 0x69, 0x89, 0xAE
     };
diff --git a/pppd/crypto_ms.h b/pppd/crypto_ms.h
index 9083594..e9a039c 100644
--- a/pppd/crypto_ms.h
+++ b/pppd/crypto_ms.h
@@ -40,10 +40,10 @@
  * This is the DES encrypt functions as described by RFC2759.
  * 
  * Parameters:
- * unsigned char *clear:
+ * const unsigned char *clear:
  *      A 8 byte input array to be encrypted
  * 
- * unsigned char *key: 
+ * const unsigned char *key:
  *      A raw 7-byte array to be expanded to 8 with odd-parity
  *
  * unsigned char *cipher:
@@ -51,17 +51,17 @@
  *
  * DesEncrypt returns 1 on success
  */
-int DesEncrypt(unsigned char *clear, unsigned char *key, 
+int DesEncrypt(const unsigned char *clear, const unsigned char *key,
         unsigned char *cipher);
 
 /**
  * This is the DES decrypt functions as described by RFC2759.
  * 
  * Parameters:
- * unsigned char *cipher:
+ * const unsigned char *cipher:
  *      A 8 byte input array to be decrypted
  *
- * unsigned char *key: 
+ * const unsigned char *key:
  *      A raw 7-byte array to be expanded to a 8-byte key with odd-parity
  *
  * unsigned char *clear:
@@ -69,7 +69,7 @@ int DesEncrypt(unsigned char *clear, unsigned char *key,
  *
  * DesDecrypt returns 1 on success
  */
-int DesDecrypt(unsigned char *cipher, unsigned char *key, 
+int DesDecrypt(const unsigned char *cipher, const unsigned char *key,
         unsigned char *clear);
 
 #endif /* PPP_PPPCRYPT_H */
-- 
2.39.2