QUIC/decrypt_crypto: Actually check if decryption was successful

...and bail if it wasn't. PCAP was produced using OSS-Fuzz input from issue 383379789.
2025-10-02 14:48:21 +00:00 · 2024-12-11 13:04:45 +01:00 · 2024-12-11 13:04:45 +01:00 · c2f2388f18
commit c2f2388f18
parent d745d746bc
5 changed files with 19 additions and 2 deletions
--- a/src/analyzer/protocol/quic/decrypt_crypto.cc
+++ b/src/analyzer/protocol/quic/decrypt_crypto.cc
@ -152,7 +152,7 @@ Function that calls the AEAD decryption routine, and returns the decrypted data.
 */
 hilti::rt::Bytes decrypt(const std::vector<uint8_t>& client_key, const hilti::rt::Bytes& all_data,
                         uint64_t payload_length, const DecryptionInformation& decryptInfo) {
-    int out, out2, res;
+    int out, out2;

    if ( payload_length < decryptInfo.packet_number_length + AEAD_TAG_LENGTH )
        throw hilti::rt::RuntimeError(hilti::rt::fmt("payload too small %ld < %ld", payload_length,
@ -202,7 +202,8 @@ hilti::rt::Bytes decrypt(const std::vector<uint8_t>& client_key, const hilti::rt
    EVP_CipherUpdate(ctx, decrypt_buffer.data(), &out, encrypted_payload, encrypted_payload_size);

    // Validate whether the decryption was successful or not
-    EVP_CipherFinal_ex(ctx, NULL, &out2);
+    if ( EVP_CipherFinal_ex(ctx, NULL, &out2) == 0 )
+        throw hilti::rt::RuntimeError("decryption failed");

    // Copy the decrypted data from the decrypted buffer into a Bytes instance.
    return hilti::rt::Bytes(decrypt_buffer.data(), decrypt_buffer.data() + out);
--- a/testing/btest/Baseline/scripts.base.protocols.quic.decrypt-crash/analyzer.log.cut
+++ b/testing/btest/Baseline/scripts.base.protocols.quic.decrypt-crash/analyzer.log.cut
@ -0,0 +1,3 @@
+### BTest baseline data generated by btest-diff. Do not edit. Use "btest -U/-u" to update. Requires BTest >= 0.63.
+ts	uid	cause	analyzer_kind	analyzer_name	failure_reason
+1733909795.417573	C4J4Th3PJpwUYZZ6gc	violation	protocol	QUIC	decryption failed (<...>/QUIC.spicy:<location>)
--- a/testing/btest/Baseline/scripts.base.protocols.quic.decrypt-crash/conn.log.cut
+++ b/testing/btest/Baseline/scripts.base.protocols.quic.decrypt-crash/conn.log.cut
@ -0,0 +1,5 @@
+### BTest baseline data generated by btest-diff. Do not edit. Use "btest -U/-u" to update. Requires BTest >= 0.63.
+ts	uid	proto	history	service
+XXXXXXXXXX.XXXXXX	ClEkJM2Vm5giqnMf4h	udp	D	-
+XXXXXXXXXX.XXXXXX	C4J4Th3PJpwUYZZ6gc	udp	D	-
+XXXXXXXXXX.XXXXXX	CHhAvVGS1DHFjwGM9	tcp	F	ftp
--- a/testing/btest/Traces/quic/383379789-decrypt-crash.pcap
+++ b/testing/btest/Traces/quic/383379789-decrypt-crash.pcap
--- a/testing/btest/scripts/base/protocols/quic/decrypt-crash.zeek
+++ b/testing/btest/scripts/base/protocols/quic/decrypt-crash.zeek
@ -0,0 +1,8 @@
+# @TEST-DOC: Trace produced by OSS-Fuzz triggered a crash due to using a too small local buffer for decryption.
+
+# @TEST-REQUIRES: ${SCRIPTS}/have-spicy
+# @TEST-EXEC: zeek -Cr $TRACES/quic/383379789-decrypt-crash.pcap base/protocols/quic %INPUT
+# @TEST-EXEC: zeek-cut -m ts uid proto history service < conn.log > conn.log.cut
+# @TEST-EXEC: zeek-cut -m ts uid cause analyzer_kind analyzer_name failure_reason < analyzer.log > analyzer.log.cut
+# @TEST-EXEC: btest-diff conn.log.cut
+# @TEST-EXEC: TEST_DIFF_CANONIFIER='sed -E "s/\((.+)\.spicy:[0-9]+:[0-9]+(-[0-9]+:[0-9]+)?\)/(\1.spicy:<location>)/g" | $SCRIPTS/diff-remove-abspath' btest-diff analyzer.log.cut