wolfcrypt: wc_ecc_cmp_param: check string len before strncmp

also return -1 on param mismatch.
2025-07-30 10:47:28 +02:00 · 2024-03-26 14:58:35 +01:00
parent 8970ff4c34
commit 0a03940f5a
1 changed files with 5 additions and 2 deletions
--- a/wolfcrypt/src/ecc.c
+++ b/wolfcrypt/src/ecc.c
@ -4279,8 +4279,11 @@ static int wc_ecc_cmp_param(const char* curveParam,
    if (param == NULL || curveParam == NULL)
        return BAD_FUNC_ARG;

-    if (encType == WC_TYPE_HEX_STR)
-        return XSTRNCMP(curveParam, (char*) param, paramSz);
+    if (encType == WC_TYPE_HEX_STR) {
+        if ((word32)XSTRLEN(curveParam) != paramSz)
+            return -1;
+        return (XSTRNCMP(curveParam, (char*) param, paramSz) == 0) ? 0 : -1;
+    }

 #ifdef WOLFSSL_SMALL_STACK
    a = (mp_int*)XMALLOC(sizeof(mp_int), NULL, DYNAMIC_TYPE_ECC);