From 5c10fe9a58e6683f49defe10074956179754078d Mon Sep 17 00:00:00 2001 From: Josh Holtrop Date: Wed, 25 Mar 2026 14:58:28 -0400 Subject: [PATCH] Rust wrapper: BLAKE2: check for non-empty hash buffer in finalize() This is related to F-1070 but not the same. We do not need to check that hash_size being passed in matches the initialized digest size because the C function will use the passed-in size as long as it is non-zero. --- wrapper/rust/wolfssl-wolfcrypt/src/blake2.rs | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/wrapper/rust/wolfssl-wolfcrypt/src/blake2.rs b/wrapper/rust/wolfssl-wolfcrypt/src/blake2.rs index 3afef94597..c4b54cb081 100644 --- a/wrapper/rust/wolfssl-wolfcrypt/src/blake2.rs +++ b/wrapper/rust/wolfssl-wolfcrypt/src/blake2.rs @@ -157,6 +157,12 @@ impl BLAKE2b { /// ``` pub fn finalize(&mut self, hash: &mut [u8]) -> Result<(), i32> { let hash_size = hash.len() as u32; + if hash_size == 0 { + // The C function uses the internal state configured digest size + // if hash_size is passed in as 0. We do not want to allow a + // buffer overrun, so do not allow an empty hash buffer here. + return Err(sys::wolfCrypt_ErrorCodes_BUFFER_E); + } let rc = unsafe { sys::wc_Blake2bFinal(&mut self.wc_blake2b, hash.as_mut_ptr(), hash_size) }; @@ -434,6 +440,12 @@ impl BLAKE2s { /// ``` pub fn finalize(&mut self, hash: &mut [u8]) -> Result<(), i32> { let hash_size = hash.len() as u32; + if hash_size == 0 { + // The C function uses the internal state configured digest size + // if hash_size is passed in as 0. We do not want to allow a + // buffer overrun, so do not allow an empty hash buffer here. + return Err(sys::wolfCrypt_ErrorCodes_BUFFER_E); + } let rc = unsafe { sys::wc_Blake2sFinal(&mut self.wc_blake2s, hash.as_mut_ptr(), hash_size) };