mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2026-07-05 15:20:49 +02:00
Fix negative count and NULL pointer checks in group-setting and shared cipher APIs
Add count < 0 validation to wolfSSL_CTX_set_groups and wolfSSL_set_groups (src/tls.c) to prevent negative count from bypassing the upper-bound check and corrupting numGroups via byte truncation. Widen count == 0 to count <= 0 and add NULL groups check in wolfSSL_CTX_set1_groups and wolfSSL_set1_groups (src/ssl.c). Add NULL buf and NULL cipher checks in wolfSSL_get_shared_ciphers to prevent NULL pointer dereference.
@@ -1295,10 +1295,12 @@ const char* wolfSSL_get_shared_ciphers(WOLFSSL* ssl, char* buf, int len)
|
||||
{
|
||||
const char* cipher;
|
||||
|
||||
if (ssl == NULL || len <= 0)
|
||||
if (ssl == NULL || buf == NULL || len <= 0)
|
||||
return NULL;
|
||||
|
||||
cipher = wolfSSL_get_cipher_name_iana(ssl);
|
||||
if (cipher == NULL)
|
||||
return NULL;
|
||||
len = (int)min((word32)len, (word32)(XSTRLEN(cipher) + 1));
|
||||
XMEMCPY(buf, cipher, (size_t)len);
|
||||
return buf;
|
||||
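Review bot: When `len` is smaller than `XSTRLEN(cipher) + 1`, the `XMEMCPY` copies exactly `len` bytes of the cipher name and `buf` is returned without a terminating NUL, so a caller that treats the result as a C string can read past its buffer. The added `buf == NULL` and `cipher == NULL` checks do not cover this truncation path. After the copy I would add `buf[len - 1] = '\0';`, which is in bounds because the guard at the top already rejects `len <= 0`. The function's closing brace lies outside the hunk.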
@@ -3321,8 +3323,8 @@ int wolfSSL_CTX_set1_groups(WOLFSSL_CTX* ctx, int* groups,
|
||||
int i;
|
||||
int _groups[WOLFSSL_MAX_GROUP_COUNT];
|
||||
WOLFSSL_ENTER("wolfSSL_CTX_set1_groups");
|
||||
if (count <= 0) {
|
||||
WOLFSSL_MSG("Group count is not positive");
|
||||
if (groups == NULL || count <= 0) {
|
||||
WOLFSSL_MSG("Groups NULL or count not positive");
|
||||
return WOLFSSL_FAILURE;
|
||||
}
|
||||
if (count > WOLFSSL_MAX_GROUP_COUNT) {
|
||||
@@ -3360,8 +3362,8 @@ int wolfSSL_set1_groups(WOLFSSL* ssl, int* groups, int count)
|
||||
int i;
|
||||
int _groups[WOLFSSL_MAX_GROUP_COUNT];
|
||||
WOLFSSL_ENTER("wolfSSL_CTX_set1_groups");
|
||||
if (count <= 0) {
|
||||
WOLFSSL_MSG("Group count is not positive");
|
||||
if (groups == NULL || count <= 0) {
|
||||
WOLFSSL_MSG("Groups NULL or count not positive");
|
||||
return WOLFSSL_FAILURE;
|
||||
}
|
||||
if (count > WOLFSSL_MAX_GROUP_COUNT) {
|
||||
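Review bot: The trace call `WOLFSSL_ENTER("wolfSSL_CTX_set1_groups");` sits inside `wolfSSL_set1_groups` according to the hunk header, so debug logs attribute per-session calls to the CTX variant. That makes it harder to tell from a trace which API rejected a bad `groups`/`count` pair. Since the commit already edits the adjacent lines, the call should read `WOLFSSL_ENTER("wolfSSL_set1_groups");`. The function body starts and ends outside the hunk, so the rest of the validation (including what follows the `count > WOLFSSL_MAX_GROUP_COUNT` branch) is not visible here.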
|
||||