wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-08-01 03:34:39 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #4640 from anhu/prevent_stack_corruption

Browse Source 
Pass in pointer to a local size_t var, not word32 var to prevent stack corruption
This commit is contained in:
David Garske
2021-12-08 14:44:07 -08:00
committed by GitHub
parent cf0d3263ac 74442605fa
commit dac0c21989
1 changed files with 7 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
wolfcrypt/src/falcon.c
View File

@@ -62,6 +62,7 @@ int wc_falcon_sign_msg(const byte* in, word32 inLen,
{
int ret = 0;
OQS_SIG *oqssig = NULL;
size_t localOutLen = 0;
/* sanity check on arguments */
if ((in == NULL) || (out == NULL) || (outLen == NULL) || (key == NULL)) {
@@ -95,14 +96,19 @@ int wc_falcon_sign_msg(const byte* in, word32 inLen,
*outLen = FALCON_LEVEL5_SIG_SIZE;
ret = BUFFER_E;
}
localOutLen = *outLen;
}
if ((ret == 0) &&
(OQS_SIG_sign(oqssig, out, (size_t *)outLen, in, inLen, key->k)
(OQS_SIG_sign(oqssig, out, &localOutLen, in, inLen, key->k)
== OQS_ERROR)) {
ret = BAD_FUNC_ARG;
}
if (ret == 0) {
*outLen = (word32)localOutLen;
}
if (oqssig != NULL) {
OQS_SIG_free(oqssig);
}