[PASE] Validate initiatorRandom length in HandlePBKDFParamResponse by Alami-Amine · Pull Request #72741 · project-chip/connectedhomeip

Alami-Amine · 2026-06-25T19:33:16Z

Problem

PASESession::HandlePBKDFParamResponse() reads the peer's initiatorRandom field into a fixed-size 32-byte buffer:

uint8_t random[kPBKDFParamRandomNumberSize];
...
SuccessOrExit(err = tlvReader.Next(AsTlvContextTag(PBKDFParamResponseTags::kInitiatorRandom)));
SuccessOrExit(err = tlvReader.GetBytes(random, sizeof(random)));
VerifyOrExit(ByteSpan(random).data_equal(ByteSpan(mPBKDFLocalRandomData)), err = CHIP_ERROR_INVALID_PASE_PARAMETER);

TLVReader::GetBytes(buf, bufSize) copies only the element's actual length and does not zero the remainder of the buffer. If the received initiatorRandom element is shorter than kPBKDFParamRandomNumberSize, random[len..32) is left uninitialized and is then read by the data_equal() comparison — an uninitialized-stack read (surfaced by MemorySanitizer).

The two analogous reads already validate the element length before reading:

the responderRandom field a few lines below in the same function, and
the initiatorRandom field in HandlePBKDFParamRequest().

Only the initiatorRandom read in HandlePBKDFParamResponse() was missing the check.

Change

Add the same GetLength() == kPBKDFParamRandomNumberSize guard before reading the buffer, so a malformed message is rejected with CHIP_ERROR_INVALID_TLV_ELEMENT before the read, consistent with the surrounding code.

Impact

Low / defense-in-depth. A conformant peer always sends a 32-byte initiatorRandom, so the new check never affects a valid handshake; it only hardens the malformed-input path, which was already rejected — just after the uninitialized read instead of before it.

Testing

No new test added: the change is a one-line guard identical to the responderRandom length check already present (and exercised by the existing TestPASESession PASE handshake tests) a few lines below in the same function, and it does not change behavior for valid handshakes (a conformant peer always sends a 32-byte initiatorRandom). Build and the existing PASE unit tests run in CI.

HandlePBKDFParamResponse() reads the peer's initiatorRandom field into a fixed 32-byte buffer via TLVReader::GetBytes(random, sizeof(random)). GetBytes() copies only the element's actual length and leaves the rest of the buffer unwritten, so an initiatorRandom shorter than kPBKDFParamRandomNumberSize leaves random[len..32) uninitialized. That tail is then read by the following ByteSpan(random).data_equal(...) comparison, an uninitialized-stack read (flagged by MemorySanitizer). The two analogous reads already guard against this with an explicit length check first: the responderRandom field a few lines below, and the initiatorRandom field in HandlePBKDFParamRequest(). Only this read was missing the check. Add it so a malformed PBKDFParamResponse is rejected with CHIP_ERROR_INVALID_TLV_ELEMENT before the buffer is read, matching the surrounding code. No behavioral change for conformant peers, which always send a 32-byte initiatorRandom.

gemini-code-assist

Code Review

This pull request updates PASESession.cpp to verify that the length of the initiator's random value in the TLV reader matches kPBKDFParamRandomNumberSize before retrieving the bytes. This prevents potential issues with invalid TLV element sizes. There are no review comments, so I have no feedback to provide.

github-actions · 2026-06-25T19:51:09Z

PR #72741: Size comparison from 413ff63 to acd9ed7

Full report (33 builds for bl602, bl702, bl702l, cc13x4_26x4, cc32xx, efr32, esp32, nrfconnect, psoc6, qpg, realtek, stm32, telink)

platform	target	config	section	`413ff63`	`acd9ed7`	change
bl602	lighting-app	bl602+mfd+littlefs+rpc	FLASH	1099176	1099194	18
			RAM	133418	133418	0
bl702	lighting-app	bl702+eth	FLASH	1085726	1085744	18
			RAM	109029	109029	0
bl702l	contact-sensor-app	bl702l+mfd+littlefs	FLASH	882218	882236	18
			RAM	108596	108596	0
cc13x4_26x4	lighting-app	LP_EM_CC1354P10_6	FLASH	777368	777384	16
			RAM	103404	103404	0
	lock-ftd	LP_EM_CC1354P10_6	FLASH	790120	790136	16
			RAM	108684	108684	0
	pump-app	LP_EM_CC1354P10_6	FLASH	739376	739392	16
			RAM	97612	97612	0
	pump-controller-app	LP_EM_CC1354P10_6	FLASH	719548	719564	16
			RAM	97644	97644	0
cc32xx	air-purifier	CC3235SF_LAUNCHXL	FLASH	569654	569670	16
			RAM	205112	205112	0
	lock	CC3235SF_LAUNCHXL	FLASH	597214	597230	16
			RAM	205272	205272	0
efr32	lighting-app	BRD4187C	FLASH	1094924	`1094956`	32
			RAM	135256	135256	0
	lock-app	BRD4187C	FLASH	995184	995184	0
			RAM	131292	131292	0
		BRD4338a	FLASH	799809	799825	16
			RAM	243432	243432	0
esp32	all-clusters-app	c3devkit	DRAM	99556	99556	0
			FLASH	`1626146`	1626160	14
			IRAM	94776	94776	0
nrfconnect	all-clusters-app	nrf52840dk_nrf52840	FLASH	844772	844784	12
			RAM	157771	157771	0
psoc6	all-clusters	cy8ckit_062s2_43012	FLASH	1750756	1750772	16
			RAM	215492	215492	0
	all-clusters-minimal	cy8ckit_062s2_43012	FLASH	1626548	`1626564`	16
			RAM	211604	211604	0
	light	cy8ckit_062s2_43012	FLASH	1470860	1470876	16
			RAM	197436	197436	0
	lock	cy8ckit_062s2_43012	FLASH	`1504308`	1504324	16
			RAM	225268	225268	0
qpg	lighting-app	qpg6200+debug	FLASH	843156	843172	16
			RAM	127908	127908	0
	lock-app	qpg6200+debug	FLASH	782976	783008	32
			RAM	118840	118840	0
realtek	light-switch-app	rtl8777g	FLASH	689368	689392	24
			RAM	101780	101780	0
	lighting-app	rtl8777g	FLASH	730304	730320	16
			RAM	102052	102052	0
stm32	light	STM32WB5MM-DK	FLASH	478976	478996	20
			RAM	141492	141492	0
telink	all-devices-app	tl7218x	FLASH	881716	881732	16
			RAM	99716	99716	0
		tlsr9118bdk40d	FLASH	673322	673338	16
			RAM	120848	120848	0
	bridge-app	tl7218x	FLASH	734156	734172	16
			RAM	97700	97700	0
	light-app-ota-compress-lzma-factory-data	tl3218x	FLASH	800682	800698	16
			RAM	42380	42380	0
	light-app-ota-compress-lzma-shell-factory-data	tl7218x	FLASH	845822	845838	16
			RAM	101492	101492	0
	light-switch-app-ota-compress-lzma-factory-data	tl7218x_retention	FLASH	734714	734730	16
			RAM	57824	57824	0
	light-switch-app-ota-compress-lzma-shell-factory-data	tlsr9528a	FLASH	795802	795818	16
			RAM	75176	75176	0
	light-switch-app-ota-factory-data	tl3218x_retention	FLASH	734630	734646	16
			RAM	34480	34480	0
	lighting-app-ota-factory-data	tlsr9118bdk40d	FLASH	615214	615230	16
			RAM	118508	118508	0
	lighting-app-ota-rpc-factory-data-4mb	tlsr9518adk80d	FLASH	842038	842058	20
			RAM	97376	97376	0

codecov · 2026-06-25T20:14:46Z

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 56.79%. Comparing base (44fb474) to head (acd9ed7).
⚠️ Report is 30 commits behind head on master.

Additional details and impacted files

@@            Coverage Diff             @@
##           master   #72741      +/-   ##
==========================================
+ Coverage   56.76%   56.79%   +0.03%     
==========================================
  Files        1634     1642       +8     
  Lines      112660   112758      +98     
  Branches    13144    13139       -5     
==========================================
+ Hits        63946    64041      +95     
- Misses      48714    48717       +3

☔ View full report in Codecov by Harness.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

github-actions Bot added the protocols label Jun 25, 2026

pullapprove Bot added review - pending protocols and removed protocols labels Jun 25, 2026

gemini-code-assist Bot reviewed Jun 25, 2026

View reviewed changes

jmartinez-silabs approved these changes Jun 26, 2026

View reviewed changes

ForemanZack-CableLabs approved these changes Jun 26, 2026

View reviewed changes

pullapprove Bot added review - approved and removed review - pending labels Jun 26, 2026

greens approved these changes Jun 26, 2026

View reviewed changes

mergify Bot merged commit d2458d4 into project-chip:master Jun 26, 2026
88 of 90 checks passed

mergify Bot deleted the AA/pase-validate-initiator-random-length branch June 26, 2026 16:32

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

[PASE] Validate initiatorRandom length in HandlePBKDFParamResponse#72741

[PASE] Validate initiatorRandom length in HandlePBKDFParamResponse#72741
mergify[bot] merged 1 commit into
project-chip:masterfrom
Alami-Amine:AA/pase-validate-initiator-random-length

Alami-Amine commented Jun 25, 2026 •

edited

Loading

Uh oh!

gemini-code-assist Bot left a comment

Uh oh!

github-actions Bot commented Jun 25, 2026 •

edited

Loading

Uh oh!

codecov Bot commented Jun 25, 2026 •

edited

Loading

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

4 participants

Uh oh!

Conversation

Alami-Amine commented Jun 25, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Problem

Change

Impact

Testing

Uh oh!

gemini-code-assist Bot left a comment

Choose a reason for hiding this comment

Code Review

Uh oh!

github-actions Bot commented Jun 25, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

codecov Bot commented Jun 25, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Codecov Report

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

4 participants

Alami-Amine commented Jun 25, 2026 •

edited

Loading

github-actions Bot commented Jun 25, 2026 •

edited

Loading

codecov Bot commented Jun 25, 2026 •

edited

Loading