diff --git a/.github/workflows/os-check.yml b/.github/workflows/os-check.yml index 4baea6b830..38f7488f6b 100644 --- a/.github/workflows/os-check.yml +++ b/.github/workflows/os-check.yml @@ -98,6 +98,7 @@ jobs: '--enable-curve25519=nonblock --enable-ecc=nonblock --enable-sp=yes,nonblock CPPFLAGS="-DWOLFSSL_PUBLIC_MP -DWOLFSSL_DEBUG_NONBLOCK"', '--enable-certreq --enable-certext --enable-certgen --disable-secure-renegotiation-info CPPFLAGS="-DNO_TLS"', '--enable-ocsp --enable-ocsp-responder --enable-ocspstapling CPPFLAGS="-DWOLFSSL_NONBLOCK_OCSP" --enable-maxfragment', + '--enable-all CPPFLAGS=-DWOLFSSL_HASH_KEEP', ] name: make check if: github.repository_owner == 'wolfssl' diff --git a/wolfcrypt/src/hash.c b/wolfcrypt/src/hash.c index 61f7aacd63..64a6308c91 100644 --- a/wolfcrypt/src/hash.c +++ b/wolfcrypt/src/hash.c @@ -1956,9 +1956,14 @@ int _wc_Hash_Grow(byte** msg, word32* used, word32* len, const byte* in, { word32 usedSz = 0; - if (inSz <= 0 || !WC_SAFE_SUM_WORD32(*used, (word32)inSz, usedSz)) + if (inSz < 0 || !WC_SAFE_SUM_WORD32(*used, (word32)inSz, usedSz)) return BAD_FUNC_ARG; + /* Allow zero-length input as a no-op. Some callers may pass zero-length + * data during hash operations and this should not be treated as an error. */ + if (inSz == 0) + return 0; + if (*len < usedSz) { if (*msg == NULL) { *msg = (byte*)XMALLOC(usedSz, heap, DYNAMIC_TYPE_TMP_BUFFER);