Fixes for new defects in wolfCryot and wolfSSL (excluding test code)

2025-07-31 19:24:42 +02:00 · 2019-12-13 17:17:13 -06:00
parent 7e45ae2ec6
commit 0bb8ae8564
6 changed files with 22 additions and 13 deletions
--- a/src/internal.c
+++ b/src/internal.c
@@ -3368,7 +3368,7 @@ void InitX509(WOLFSSL_X509* x509, int dynamicFlag, void* heap)
    x509->dynamicMemory  = (byte)dynamicFlag;
    #if defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL)
        x509->refCount = 1;
-        wc_InitMutex(&x509->refMutex);
+        (void)wc_InitMutex(&x509->refMutex);
    #endif
 }

--- a/src/tls.c
+++ b/src/tls.c
@@ -2617,7 +2617,7 @@ static int TLSX_TCA_Parse(WOLFSSL* ssl, const byte* input, word16 length,
                    return BUFFER_ERROR;
                ato16(input + offset, &idSz);
                offset += OPAQUE16_LEN;
-                if (offset + idSz > length)
+                if (idSz > length - offset)
                    return BUFFER_ERROR;
                id = input + offset;
                offset += idSz;
--- a/src/tls13.c
+++ b/src/tls13.c
@@ -4009,7 +4009,7 @@ static int DoTls13SupportedVersions(WOLFSSL* ssl, const byte* input, word32 i,
            return BUFFER_ERROR;
        ato16(&input[i], &totalExtSz);
        i += OPAQUE16_LEN;
-        if (i + totalExtSz != helloSz)
+        if (totalExtSz != helloSz - i)
            return BUFFER_ERROR;

        /* Need to negotiate version first. */
--- a/wolfcrypt/src/pkcs12.c
+++ b/wolfcrypt/src/pkcs12.c
@@ -767,6 +767,10 @@ int wc_i2d_PKCS12(WC_PKCS12* pkcs12, byte** der, int* derSz)
                word32 tmpIdx = 0;
                byte ar[MAX_LENGTH_SZ + 2];
                tmpSz = SetShortInt(ar, &tmpIdx, mac->itt, MAX_LENGTH_SZ + 2);
+                if (tmpSz < 0) {
+                    WOLFSSL_MSG("Error returned by SetShortInt");
+                    return tmpSz;
+                }
                XMEMCPY(&sdBuf[idx], ar, tmpSz);
            }

--- a/wolfcrypt/src/pkcs7.c
+++ b/wolfcrypt/src/pkcs7.c
@@ -3430,8 +3430,8 @@ static int wc_PKCS7_VerifyContentMessageDigest(PKCS7* pkcs7,
                                               const byte* hashBuf,
                                               word32 hashSz)
 {
-    int ret = 0, innerAttribSz = 0;
-    word32 digestSz = 0, idx = 0;
+    int ret = 0, digestSz = 0, innerAttribSz = 0;
+    word32 idx = 0;
    byte* digestBuf = NULL;
 #ifdef WOLFSSL_SMALL_STACK
    byte* digest = NULL;
@@ -3502,17 +3502,20 @@ static int wc_PKCS7_VerifyContentMessageDigest(PKCS7* pkcs7,

        digestBuf = digest;
        digestSz = wc_HashGetDigestSize(hashType);
-
+        if (digestSz < 0) {
+            WOLFSSL_MSG("Invalid hash type");
+            return digestSz;
+        }
    } else {

        /* user passed in pre-computed hash */
        digestBuf = (byte*)hashBuf;
-        digestSz  = hashSz;
+        digestSz  = (int)hashSz;
    }

    /* compare generated to hash in messageDigest attribute */
-    if ((innerAttribSz != (int)digestSz) ||
-        (XMEMCMP(attrib->value + idx, digestBuf, digestSz) != 0)) {
+    if ((innerAttribSz != digestSz) ||
+        (XMEMCMP(attrib->value + idx, digestBuf, (word32)digestSz) != 0)) {
        WOLFSSL_MSG("Content digest does not match messageDigest attrib value");
 #ifdef WOLFSSL_SMALL_STACK
        XFREE(digest, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
@@ -4643,7 +4646,7 @@ static int PKCS7_VerifySignedData(PKCS7* pkcs7, const byte* hashBuf,
                XFREE(pkcs7->stream->tmpCert, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
                pkcs7->stream->tmpCert = (byte*)XMALLOC(length,
                        pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-                if (pkcs7->stream->tmpCert == NULL) {
+                if ((pkiMsg2 == NULL) || (pkcs7->stream->tmpCert == NULL)) {
                    ret = MEMORY_E;
                    break;
                }
@@ -8391,12 +8394,14 @@ static int wc_PKCS7_KariGetKeyEncryptionAlgorithmId(WC_PKCS7_KARI* kari,
        word32* keyAgreeOID, word32* keyWrapOID)
 {
    int length = 0;
-    word32 localIdx = *idx;
+    word32 localIdx;

    if (kari == NULL || pkiMsg == NULL || idx == NULL ||
        keyAgreeOID == NULL || keyWrapOID == NULL)
        return BAD_FUNC_ARG;

+    localIdx = *idx;
+
    /* remove KeyEncryptionAlgorithmIdentifier */
    if (GetSequence(pkiMsg, &localIdx, &length, pkiMsgSz) < 0)
        return ASN_PARSE_E;
--- a/wolfcrypt/src/rsa.c
+++ b/wolfcrypt/src/rsa.c
@@ -1467,7 +1467,7 @@ static int RsaUnPad_PSS(byte *pkcsBlock, unsigned int pkcsBlockLen,
 {
    int   ret;
    byte* tmp;
-    int   hLen, i, maskLen;
+    int   hLen, i, maskLen, orig_bits = bits;
 #if defined(WOLFSSL_NO_MALLOC) && !defined(WOLFSSL_STATIC_MEMORY)
    byte tmp_buf[RSA_MAX_SIZE/8];
    tmp = tmp_buf;
@@ -1498,7 +1498,7 @@ static int RsaUnPad_PSS(byte *pkcsBlock, unsigned int pkcsBlockLen,
        saltLen = hLen;
        #ifdef WOLFSSL_SHA512
            /* See FIPS 186-4 section 5.5 item (e). */
-            if (bits == 1024 && hLen == WC_SHA512_DIGEST_SIZE)
+            if (orig_bits == 1024 && hLen == WC_SHA512_DIGEST_SIZE)
                saltLen = RSA_PSS_SALT_MAX_SZ;
        #endif
    }