add check on padSz return, coverity issue 394711

2025-07-29 18:27:29 +02:00 · 2024-07-05 12:07:42 -06:00
parent 25d52dde3f
commit c880fcf822
2 changed files with 7 additions and 0 deletions
--- a/wolfcrypt/src/pkcs7.c
+++ b/wolfcrypt/src/pkcs7.c
@ -8634,6 +8634,8 @@ int wc_PKCS7_PadData(byte* in, word32 inSz, byte* out, word32 outSz,
        return BAD_FUNC_ARG;

    padSz = wc_PKCS7_GetPadSize(inSz, blockSz);
+    if (padSz < 0)
+        return padSz;

    if (outSz < (inSz + padSz))
        return BAD_FUNC_ARG;
--- a/wolfcrypt/test/test.c
+++ b/wolfcrypt/test/test.c
@ -49471,6 +49471,11 @@ static wc_test_ret_t pkcs7signed_run_vectors(

    XMEMSET(out, 0, outSz);

+    /* test inner pad size error with block size being 0 */
+    ret = wc_PKCS7_PadData((byte*)data, sizeof(data), out, outSz, 0);
+    if (ret > 0)
+        ERROR_OUT(-1, out);
+
    ret = wc_PKCS7_PadData((byte*)data, sizeof(data), out, outSz, 16);
    if (ret < 0)
        ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);