wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-07-31 11:17:29 +02:00
Code Issues Packages Projects Releases Wiki Activity

Fix to check for buffer overrrun with the additional padding in PKCS12 EncryptContent function.

Browse Source
This commit is contained in:
David Garske
2018-08-14 19:20:24 -06:00
parent 04c2b51b4d
commit 3d16f891d4
1 changed files with 7 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
wolfcrypt/src/asn.c
View File

@@ -3245,12 +3245,17 @@ int EncryptContent(byte* input, word32 inputSz, byte* out, word32* outSz,
sz = SetLength(inputSz, out + inOutIdx); sz = SetLength(inputSz, out + inOutIdx);
inOutIdx += sz; totalSz += sz; inOutIdx += sz; totalSz += sz;
/* adjust size to pad */ /* get pad size and verify buffer room */
sz = Pkcs8Pad(out + inOutIdx, inputSz, blockSz); sz = Pkcs8Pad(NULL, inputSz, blockSz);
if (sz + inOutIdx > *outSz) if (sz + inOutIdx > *outSz)
return BUFFER_E; return BUFFER_E;
/* copy input to output buffer and pad end */
XMEMCPY(out + inOutIdx, input, inputSz); XMEMCPY(out + inOutIdx, input, inputSz);
sz = Pkcs8Pad(out + inOutIdx, inputSz, blockSz);
totalSz += sz;
/* encrypt */
if ((ret = wc_CryptKey(password, passwordSz, salt, saltSz, itt, id, if ((ret = wc_CryptKey(password, passwordSz, salt, saltSz, itt, id,
out + inOutIdx, sz, version, cbcIv, 1)) < 0) { out + inOutIdx, sz, version, cbcIv, 1)) < 0) {
@@ -3265,7 +3270,6 @@ int EncryptContent(byte* input, word32 inputSz, byte* out, word32* outSz,
XFREE(cbcIv, heap, DYNAMIC_TYPE_TMP_BUFFER); XFREE(cbcIv, heap, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(saltTmp, heap, DYNAMIC_TYPE_TMP_BUFFER); XFREE(saltTmp, heap, DYNAMIC_TYPE_TMP_BUFFER);
#endif #endif
totalSz += sz;
return totalSz; return totalSz;
} }