Fenrir fixes #353

Merged
rlm2002 merged 7 commits into wolfSSL:master from cconlon:fenrir46
Apr 7, 2026

@cconlon cconlon commented Apr 6, 2026

Summary

  • Fix ByteBuffer read using unclamped size parameter, reading more bytes than caller requested (F-2149)
  • Zero sensitive private key material before releasing memory in ECC key export (F-2153, F-2154), CTX private key loading (F-2157), and PKCS#8 offset parsing (F-2158), using wc_ForceZero() when available (wolfSSL >= 5.8.4) with XMEMSET fallback
  • Fix JVM thread leak on ALPN callback success path due to missing DetachCurrentThread (F-2150)
  • Add bounds check for SNI data size before word16 cast to prevent silent truncation (F-2155)
  • Guard JaCoCo taskdef behind availability check to prevent unconditional JAR loading, matching existing SpotBugs pattern (F-2151)

@cconlon cconlon self-assigned this Apr 6, 2026
Copilot AI review requested due to automatic review settings April 6, 2026 23:46

Copilot AI left a comment

Pull request overview

Note

Copilot was unable to run its full agentic suite in this review.

Addresses several native/JNI security and correctness issues in wolfSSL Java bindings, including bounds handling, sensitive-data scrubbing, and build tooling robustness.

Changes:

  • Tighten read/SNI bounds handling and fix an ALPN callback thread-detach leak in JNI native code.
  • Zero sensitive key material and temporary buffers before freeing where possible (wc_ForceZero with fallback).
  • Make JaCoCo Ant task loading conditional on availability.

Reviewed changes

Copilot reviewed 5 out of 5 changed files in this pull request and generated 5 comments.

| File | Description |
| --- | --- |
| native/com_wolfssl_WolfSSLSession.c | Fixes ByteBuffer read sizing, adds SNI length bounds check, and detaches JVM thread in ALPN callback. |
| native/com_wolfssl_WolfSSLContext.c | Adds conditional zeroing of private key buffer (copy-only) before releasing JNI elements. |
| native/com_wolfssl_WolfSSL.c | Zeroes PKCS#8 parsing input buffer before freeing (normal and exception paths). |
| native/com_wolfssl_WolfCryptEccKey.c | Zeroes ECC private key material buffers before freeing/returning; adjusts some error paths. |
| build.xml | Adds a JaCoCo availability check and defers taskdef into a dedicated target. |
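
The SNI length check named in the summary (F-2155), as an added example that is not code from this pull request or from wolfSSL. It assumes the Java array length arrives as a signed 32-bit value; `len_unchecked`, `len_checked` and `encode_name` are hypothetical names, and the length-prefixed record is a constructed consumer that shows what a wrapped length would feed downstream.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

typedef uint16_t word16;  /* 16-bit unsigned, the width named in the PR summary */

/* Unchecked narrowing: values above 0xFFFF wrap modulo 65536. */
static word16 len_unchecked(int32_t arrayLen)
{
    return (word16)arrayLen;
}

/* Checked narrowing: 0 on success, -1 if arrayLen is negative or too large. */
static int len_checked(int32_t arrayLen, word16* out)
{
    if (out == NULL || arrayLen < 0 || arrayLen > UINT16_MAX)
        return -1;
    *out = (word16)arrayLen;
    return 0;
}

/* Hypothetical consumer: writes a 2-byte big-endian length, then the data.
 * Returns bytes written, or -1 if the length is rejected or out is too small. */
static long encode_name(unsigned char* out, size_t outCap,
                        const unsigned char* name, int32_t nameLen)
{
    word16 n;
    if (out == NULL || name == NULL || len_checked(nameLen, &n) != 0)
        return -1;
    if (outCap < (size_t)n + 2)
        return -1;
    out[0] = (unsigned char)(n >> 8);
    out[1] = (unsigned char)(n & 0xFF);
    memcpy(out + 2, name, n);
    return (long)n + 2;
}

int main(void)
{
    unsigned char rec[32];
    const unsigned char host[] = "example.test";  /* constructed sample */
    printf("unchecked 65541 -> %u\n", (unsigned)len_unchecked(65541));
    printf("encode ok  -> %ld\n", encode_name(rec, sizeof(rec), host, 12));
    printf("encode big -> %ld\n", encode_name(rec, sizeof(rec), host, 65541));
    return 0;
}
```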

Comment thread build.xml Outdated
Comment thread native/com_wolfssl_WolfSSLSession.c
Comment thread native/com_wolfssl_WolfSSLContext.c
Comment thread native/com_wolfssl_WolfCryptEccKey.c Outdated
Comment thread native/com_wolfssl_WolfSSL.c
@rlm2002 rlm2002 merged commit c9faa52 into wolfSSL:master Apr 7, 2026
101 checks passed