WolfSSL
/
wolfBoot
mirror of https://github.com/wolfSSL/wolfBoot.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Address reviewer's comment 

Don't allow "0xFF" in custom tags
pull/412/head
Daniele Lacamera 2024-02-29 17:02:29 +01:00
parent 304e0e876e
commit df3ccc55b5
1 changed files with 16 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
tools/keytools/sign.c
View File

@ -2008,15 +2008,21 @@ int main(int argc, char** argv)
tag = (uint16_t)arg2num(argv[i + 1], 2);
len = (uint16_t)arg2num(argv[i + 2], 2);
if ((tag < 0x0030) || (tag > 0xFEFE)) {
if (tag < 0x0030) {
fprintf(stderr, "Invalid custom tag: %s\n", argv[i + 1]);
exit(16);
}
if ( ((tag & 0xFF00) == 0xFF00) || ((tag & 0xFF) == 0xFF) ) {
fprintf(stderr, "Invalid custom tag: %s\n", argv[i + 1]);
exit(16);
}
if ((len != 1) && (len != 2) && (len != 4) && (len != 8)) {
fprintf(stderr, "Invalid custom tag len: %s\n", argv[i + 2]);
fprintf(stderr, "Accepted len: 1, 2, 4 or 8\n");
exit(16);
}
CMD.custom_tlv[p].tag = tag;
CMD.custom_tlv[p].len = len;
CMD.custom_tlv[p].val = arg2num(argv[i+3], len);
@ -2031,12 +2037,20 @@ int main(int argc, char** argv)
fprintf(stderr, "Too many custom TLVs.\n");
exit(16);
}
if (argc < (i + 3)) {
if (argc < (i + 2)) {
fprintf(stderr, "Invalid custom TLV fields. \n");
exit(16);
}
tag = (uint16_t)arg2num(argv[i + 1], 2);
len = (uint16_t)strlen(argv[i + 2]) / 2;
if (tag < 0x0030) {
fprintf(stderr, "Invalid custom tag: %s\n", argv[i + 1]);
exit(16);
}
if ( ((tag & 0xFF00) == 0xFF00) || ((tag & 0xFF) == 0xFF) ) {
fprintf(stderr, "Invalid custom tag: %s\n", argv[i + 1]);
exit(16);
}
if (len > 255) {
fprintf(stderr, "custom tlv buffer size too big: %s\n", argv[i + 2]);
exit(16);