feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Merge pull request #6337 from JacobBarthelmeh/fuzzing

Browse Source 
add sanity check on PKCS7 index value
This commit is contained in:
Sean Parkinson
2023-04-26 08:33:25 +10:00
committed by GitHub
parent 5c97dfbb4c d701a0a06e
commit 7fb9540176
1 changed files with 8 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
wolfcrypt/src/pkcs7.c
View File

@@ -9733,6 +9733,10 @@ static int wc_PKCS7_DecryptKekri(PKCS7* pkcs7, byte* in, word32 inSz,
*idx += (dateLen + 1); *idx += (dateLen + 1);
} }
if (*idx > pkiMsgSz) {
return ASN_PARSE_E;
}
/* may have OPTIONAL OtherKeyAttribute */ /* may have OPTIONAL OtherKeyAttribute */
localIdx = *idx; localIdx = *idx;
if ((*idx < kekIdSz) && GetASNTag(pkiMsg, &localIdx, &tag, if ((*idx < kekIdSz) && GetASNTag(pkiMsg, &localIdx, &tag,
@@ -9745,6 +9749,10 @@ static int wc_PKCS7_DecryptKekri(PKCS7* pkcs7, byte* in, word32 inSz,
*idx += length; *idx += length;
} }
if (*idx > pkiMsgSz) {
return ASN_PARSE_E;
}
/* get KeyEncryptionAlgorithmIdentifier */ /* get KeyEncryptionAlgorithmIdentifier */
if (GetAlgoId(pkiMsg, idx, &keyWrapOID, oidKeyWrapType, pkiMsgSz) < 0) if (GetAlgoId(pkiMsg, idx, &keyWrapOID, oidKeyWrapType, pkiMsgSz) < 0)
return ASN_PARSE_E; return ASN_PARSE_E;