Skip to content

F 1483 : Fix SHA-1 prefix match overwriting SHA-256/384/512 output #216

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
miyazakh wants to merge 2 commits into
base: main
Choose a base branch
from
+3 −3
Open

F 1483 : Fix SHA-1 prefix match overwriting SHA-256/384/512 output #216

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
de71361
fix f-1483 sha1 prefix substring matching
miyazakh Apr 2, 2026
e1ea92c
Addressed Copilot review comments
miyazakh Apr 9, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion src/hash/clu_hash.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -121,7 +121,7 @@ int wolfCLU_hash(WOLFSSL_BIO* bioIn, WOLFSSL_BIO* bioOut, const char* alg,
}
Copy link
Copy Markdown
Contributor

@dgarske dgarske Apr 10, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🟡 [Medium] Remaining XSTRNCMP calls could be made consistent with the fix
💡 SUGGEST convention

The PR correctly changes XSTRNCMP(alg, "sha", 3) to XSTRCMP(alg, "sha") to prevent the SHA-1 branch from matching sha256/sha384/sha512. However, other algorithm checks in both wolfCLU_hash() and wolfCLU_hashSetup() still use XSTRNCMP (e.g., XSTRNCMP(alg, "md5", 3) at clu_hash.c:104, XSTRNCMP(alg, "md5", 3) at clu_hash_setup.c:138). While these are functionally safe today because none of those prefixes collide with other algorithm names, wolfCLU_hash() is a public function that accepts alg from external callers (e.g., clu_alg_hash.c). Switching all comparisons to XSTRCMP would be more defensive and consistent with the spirit of this fix — preventing future prefix-collision bugs if new algorithms are added.

Suggestion:

Suggested change
}
#ifndef NO_MD5
if (ret == WOLFCLU_SUCCESS && XSTRCMP(alg, "md5") == 0) {
ret = wc_Md5Hash(input, inputSz, output);
}
#endif
/* And similarly for sha256, sha384, sha512, blake2b, base64enc, base64dec
in both clu_hash.c and clu_hash_setup.c */

Copy link
Copy Markdown
Contributor

@dgarske dgarske Apr 10, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🔵 [Low] The fix is correct but the if-chain ordering is fragile
🔧 NIT style

In wolfCLU_hash(), all the hash algorithm branches are independent if statements (not else if). With the old XSTRNCMP(alg, "sha", 3) code, if alg was "sha256", both the sha256 branch (line 109) and the sha branch (line 124) would fire because ret was still WOLFCLU_SUCCESS (wc_Sha256Hash returns 0 on success). The SHA-1 branch would overwrite the SHA-256 output with a smaller (20-byte) digest. The fix to use XSTRCMP is correct. As a minor readability note, using else if for this chain would make it obvious that only one branch should ever execute, preventing similar issues in the future. This is not blocking since the fix as-is is correct.

Suggestion:

Suggested change
}
/* The #ifdef guards make else-if impossible across preprocessor blocks,
so XSTRCMP is the right fix here. No change needed. */

#endif
#ifndef NO_SHA
if (ret == WOLFCLU_SUCCESS && XSTRNCMP(alg, "sha", 3) == 0) {
if (ret == WOLFCLU_SUCCESS && XSTRCMP(alg, "sha") == 0) {
ret = wc_ShaHash(input, inputSz, output);
}
#endif
Expand Down
4 changes: 2 additions & 2 deletions src/hash/clu_hash_setup.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -81,7 +81,7 @@ int wolfCLU_hashSetup(int argc, char** argv)

for (i = 0; i < (int)algsSz; ++i) {
/* checks for acceptable algorithms */
if (XSTRNCMP(argv[2], algs[i], XSTRLEN(algs[i])) == 0) {
if (XSTRCMP(argv[2], algs[i]) == 0) {
alg = argv[2];
algCheck = 1;
}
Expand Down Expand Up @@ -140,7 +140,7 @@ int wolfCLU_hashSetup(int argc, char** argv)
#endif

#ifndef NO_SHA
if (XSTRNCMP(alg, "sha", 3) == 0)
if (XSTRCMP(alg, "sha") == 0)
size = WC_SHA_DIGEST_SIZE;
#endif

Expand Down
Loading