WolfSSL
/
wolfssl
mirror of https://github.com/wolfSSL/wolfssl.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Merge pull request #3158 from kaleb-himes/ZD10580_R2 

Address buffer underflow, thanks to J.S. for the report on ZD10580
pull/3171/head
toddouska 2020-07-27 16:42:42 -07:00 committed by GitHub
parent 5ef7ff6054 3c5c0f88d4
commit f46e08e9ea
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 16 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
wolfcrypt/src/asn.c
View File

@ -10566,9 +10566,22 @@ int PemToDer(const unsigned char* buff, long longSz, int type,
#ifndef NO_WOLFSSL_SKIP_TRAILING_PAD #ifndef NO_WOLFSSL_SKIP_TRAILING_PAD
#ifndef NO_DES3 #ifndef NO_DES3
if (info->cipherType == WC_CIPHER_DES3) { if (info->cipherType == WC_CIPHER_DES3) {
padVal = der->buffer[der->length-1]; /* Assuming there is padding:
if (padVal <= DES_BLOCK_SIZE) { * (der->length > 0 &&
der->length -= padVal; * (der->length % DES_BLOCK_SIZE) != 0)
* and assuming the last value signifies the number of
* padded bytes IE if last value is 0x08 then there are
* 8 bytes of padding:
* padVal = der->buffer[der->length-1];
* then strip this padding before proceeding:
* der->length -= padVal;
*/
if (der->length > 0 &&
(der->length % DES_BLOCK_SIZE) != 0) {
padVal = der->buffer[der->length-1];
if (padVal <= DES_BLOCK_SIZE) {
der->length -= padVal;
}
} }
} }
#endif /* !NO_DES3 */ #endif /* !NO_DES3 */