Skip to content

Commit ee33f0a

Browse files
1 parent 69e2177 commit ee33f0a

7 files changed

Lines changed: 190 additions & 37 deletions

File tree

src/crypto/clu_evp_crypto.c

Lines changed: 22 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -88,31 +88,39 @@ int wolfCLU_evp_crypto(const WOLFSSL_EVP_CIPHER* cphr, char* mode, byte* pwdKey,
8888
in = wolfSSL_BIO_new_file(fileIn, "rb");
8989
if (in != NULL && !enc && isBase64) {
9090
word32 decodeSz;
91+
long bioSz;
9192

92-
decodeSz = wolfSSL_BIO_get_len(in);
93-
decodedBase64 = (byte*)XMALLOC(decodeSz, HEAP_HINT,
94-
DYNAMIC_TYPE_TMP_BUFFER);
95-
if (decodedBase64 == NULL) {
93+
if ((bioSz = wolfSSL_BIO_get_len(in)) < 0) {
9694
ret = WOLFCLU_FATAL_ERROR;
9795
}
9896
else {
99-
if (wolfSSL_BIO_read(in, decodedBase64, decodeSz) !=
100-
(int)decodeSz) {
97+
decodeSz = (word32)bioSz;
98+
decodedBase64 = (byte*)XMALLOC(decodeSz, HEAP_HINT,
99+
DYNAMIC_TYPE_TMP_BUFFER);
100+
if (decodedBase64 == NULL) {
101101
ret = WOLFCLU_FATAL_ERROR;
102102
}
103+
else {
104+
if (wolfSSL_BIO_read(in, decodedBase64, decodeSz) !=
105+
(int)decodeSz) {
106+
ret = WOLFCLU_FATAL_ERROR;
107+
}
103108

104-
if (ret == WOLFCLU_SUCCESS &&
105-
Base64_Decode(decodedBase64, decodeSz,
106-
decodedBase64, &decodeSz) != 0) {
107-
ret = WOLFCLU_FATAL_ERROR;
108-
}
109+
if (ret == WOLFCLU_SUCCESS &&
110+
Base64_Decode(decodedBase64, decodeSz,
111+
decodedBase64, &decodeSz) != 0) {
112+
ret = WOLFCLU_FATAL_ERROR;
113+
}
109114

110-
if (ret == WOLFCLU_SUCCESS) {
111-
wolfSSL_BIO_free(in);
112-
in = wolfSSL_BIO_new_mem_buf(decodedBase64, decodeSz);
115+
if (ret == WOLFCLU_SUCCESS) {
116+
wolfSSL_BIO_free(in);
117+
in = wolfSSL_BIO_new_mem_buf(decodedBase64, decodeSz);
118+
}
113119
}
114120
}
115121

122+
123+
116124
}
117125
}
118126
else {

src/dh/clu_dh.c

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -478,7 +478,7 @@ int wolfCLU_DhParamSetup(int argc, char** argv)
478478
if (ret == WOLFCLU_SUCCESS && bioIn != NULL) {
479479
DerBuffer* pDer = NULL;
480480
byte* in = NULL;
481-
word32 inSz = 0;
481+
long inSz = 0;
482482
word32 idx = 0;
483483

484484
inSz = wolfSSL_BIO_get_len(bioIn);

src/ocsp/clu_ocsp.c

Lines changed: 10 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -395,7 +395,7 @@ static int ocspClient(OcspClientConfig* config)
395395
typedef struct IndexEntry {
396396
char status;
397397
time_t revocationTime;
398-
char serial[64];
398+
char serial[65];
399399
struct IndexEntry* next;
400400
} IndexEntry;
401401

@@ -466,7 +466,14 @@ static IndexEntry* parseIndexFile(const char* filename)
466466
}
467467
break;
468468
case 3: /* Serial (hex) */
469-
XSTRNCPY(entry->serial, field, sizeof(entry->serial) - 1);
469+
if (XSTRLEN(field) > sizeof(entry->serial)) {
470+
wolfCLU_LogError("Field %s too long to fit in entry "
471+
"with max size %lu", field,
472+
sizeof(entry->serial));
473+
break;
474+
}
475+
XSTRNCPY(entry->serial, field, sizeof(entry->serial) - 2);
476+
entry->serial[sizeof(entry->serial) - 1] = '\0';
470477
break;
471478
}
472479
fieldNum++;
@@ -478,7 +485,7 @@ static IndexEntry* parseIndexFile(const char* filename)
478485
entry = NULL;
479486
continue;
480487
}
481-
488+
482489
/* For revoked certificates, revocationTime must be valid */
483490
if (entry->status == 'R' && entry->revocationTime == (time_t)-1) {
484491
wolfCLU_LogError("Invalid revocation time for serial %s", entry->serial);

src/sign-verify/clu_dgst_setup.c

Lines changed: 8 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -19,6 +19,7 @@
1919
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
2020
*/
2121

22+
#include "wolfclu/clu_error_codes.h"
2223
#include <wolfclu/clu_header_main.h>
2324
#include <wolfclu/clu_log.h>
2425
#include <wolfclu/clu_optargs.h>
@@ -202,7 +203,7 @@ int wolfCLU_dgst_setup(int argc, char** argv)
202203

203204
opterr = 0; /* do not display unrecognized options */
204205
optind = 0; /* start at indent 0 */
205-
while ((option = wolfCLU_GetOpt(argc, argv, "",
206+
while (ret == WOLFCLU_SUCCESS && (option = wolfCLU_GetOpt(argc-1, argv, "",
206207
dgst_options, &longIndex )) != -1) {
207208

208209
switch (option) {
@@ -273,6 +274,12 @@ int wolfCLU_dgst_setup(int argc, char** argv)
273274
}
274275
}
275276

277+
if (optarg != NULL && XSTRCMP(optarg, argv[argc-1]) == 0) {
278+
wolfCLU_LogError("Malformed arguments last argument read as value for "
279+
"%s", argv[argc-2]);
280+
ret = WOLFCLU_FATAL_ERROR;
281+
}
282+
276283
if (ret == WOLFCLU_SUCCESS) {
277284
if (dataBio == NULL || sigFile == NULL) {
278285
wolfCLU_LogError("error with reading signature or data");

src/sign-verify/clu_verify.c

Lines changed: 108 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -31,7 +31,7 @@ int wolfCLU_verify_signature(char* sig, char* hashFile, char* out,
3131
char* keyPath, int keyType, int pubIn,
3232
int inForm)
3333
{
34-
int hSz = 0;
34+
long hSz = 0;
3535
int fSz;
3636
int ret = WOLFCLU_FATAL_ERROR;
3737

@@ -51,7 +51,18 @@ int wolfCLU_verify_signature(char* sig, char* hashFile, char* out,
5151
}
5252

5353
XFSEEK(f, 0, SEEK_END);
54-
fSz = (int)XFTELL(f);
54+
fSz = XFTELL(f);
55+
56+
if (fSz < 0) {
57+
wolfCLU_LogError("Invalid Sig File %s.", sig);
58+
XFCLOSE(f);
59+
return BAD_FUNC_ARG;
60+
}
61+
if (fSz > MAX_SIG_SZ) {
62+
wolfCLU_LogError("Sig File too Large %s.", sig);
63+
XFCLOSE(f);
64+
return BAD_FUNC_ARG;
65+
}
5566

5667
data = (byte*)XMALLOC(fSz, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
5768
if (data == NULL) {
@@ -79,7 +90,15 @@ int wolfCLU_verify_signature(char* sig, char* hashFile, char* out,
7990
}
8091

8192
XFSEEK(h, 0, SEEK_END);
82-
hSz = (int)XFTELL(h);
93+
hSz = XFTELL(h);
94+
95+
if (hSz < 0) {
96+
wolfCLU_LogError("Unable to Get Size of Hash File %s.",
97+
hashFile);
98+
ret = BAD_FUNC_ARG;
99+
XFCLOSE(h);
100+
break;
101+
}
83102

84103
hash = (byte*)XMALLOC(hSz, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
85104
if (hash == NULL) {
@@ -109,7 +128,16 @@ int wolfCLU_verify_signature(char* sig, char* hashFile, char* out,
109128
}
110129

111130
XFSEEK(h, 0, SEEK_END);
112-
hSz = (int)XFTELL(h);
131+
hSz = XFTELL(h);
132+
133+
134+
if (hSz < 0) {
135+
wolfCLU_LogError("Unable to Get Size of Hash File %s.",
136+
hashFile);
137+
ret = BAD_FUNC_ARG;
138+
XFCLOSE(h);
139+
break;
140+
}
113141

114142
hash = (byte*)XMALLOC(hSz, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
115143
if (hash == NULL) {
@@ -142,7 +170,15 @@ int wolfCLU_verify_signature(char* sig, char* hashFile, char* out,
142170

143171
/* hSz means msgLen */
144172
XFSEEK(h, 0, SEEK_END);
145-
hSz = (int)XFTELL(h);
173+
hSz = XFTELL(h);
174+
175+
if (hSz < 0) {
176+
wolfCLU_LogError("Unable to Get Size of Hash File %s.",
177+
hashFile);
178+
ret = BAD_FUNC_ARG;
179+
XFCLOSE(h);
180+
break;
181+
}
146182

147183
/* hash means msg */
148184
hash = (byte*)XMALLOC(hSz, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
@@ -176,7 +212,16 @@ int wolfCLU_verify_signature(char* sig, char* hashFile, char* out,
176212

177213
/* hSz means msgLen */
178214
XFSEEK(h, 0, SEEK_END);
179-
hSz = (int)XFTELL(h);
215+
hSz = XFTELL(h);
216+
217+
218+
if (hSz < 0) {
219+
wolfCLU_LogError("Unable to Get Size of Hash File %s.",
220+
hashFile);
221+
ret = BAD_FUNC_ARG;
222+
XFCLOSE(h);
223+
break;
224+
}
180225

181226
/* hash means msg */
182227
hash = (byte*)XMALLOC(hSz, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
@@ -208,7 +253,15 @@ int wolfCLU_verify_signature(char* sig, char* hashFile, char* out,
208253

209254
/* hSz means msgLen */
210255
XFSEEK(h, 0, SEEK_END);
211-
hSz = (int)XFTELL(h);
256+
hSz = XFTELL(h);
257+
258+
if (hSz < 0) {
259+
wolfCLU_LogError("Unable to Get Size of Hash File %s.",
260+
hashFile);
261+
ret = BAD_FUNC_ARG;
262+
XFCLOSE(h);
263+
break;
264+
}
212265

213266
/* hash means msg */
214267
hash = (byte*)XMALLOC(hSz, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
@@ -249,7 +302,7 @@ int wolfCLU_verify_signature_rsa(byte* sig, char* out, int sigSz, char* keyPath,
249302

250303
#ifndef NO_RSA
251304
int ret;
252-
int keyFileSz = 0;
305+
long keyFileSz = 0;
253306
word32 index = 0;
254307
XFILE keyPathFile = NULL;
255308
RsaKey key;
@@ -275,7 +328,13 @@ int wolfCLU_verify_signature_rsa(byte* sig, char* out, int sigSz, char* keyPath,
275328
}
276329
if (ret == 0) {
277330
XFSEEK(keyPathFile, 0, SEEK_END);
278-
keyFileSz = (int)XFTELL(keyPathFile);
331+
keyFileSz = XFTELL(keyPathFile);
332+
if (keyFileSz < 0) {
333+
wolfCLU_LogError("Unable to Get Size of Key File %s.", keyPath);
334+
ret = BAD_FUNC_ARG;
335+
}
336+
}
337+
if (ret == 0) {
279338
keyBuf = (byte*)XMALLOC(keyFileSz+1, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
280339
if (keyBuf == NULL) {
281340
ret = MEMORY_E;
@@ -415,7 +474,13 @@ int wolfCLU_verify_signature_ecc(byte* sig, int sigSz, byte* hash, int hashSz,
415474
}
416475
if (ret == 0) {
417476
XFSEEK(keyPathFile, 0, SEEK_END);
418-
keyFileSz = (int)XFTELL(keyPathFile);
477+
keyFileSz = XFTELL(keyPathFile);
478+
if (keyFileSz < 0) {
479+
wolfCLU_LogError("Unable to Get Size of Key File %s.", keyPath);
480+
ret = BAD_FUNC_ARG;
481+
}
482+
}
483+
if (ret == 0) {
419484
keyBuf = (byte*)XMALLOC(keyFileSz+1, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
420485
if (keyBuf == NULL) {
421486
ret = MEMORY_E;
@@ -571,7 +636,13 @@ int wolfCLU_verify_signature_ed25519(byte* sig, int sigSz,
571636
}
572637
if (ret == 0) {
573638
XFSEEK(keyPathFile, 0, SEEK_END);
574-
keyFileSz = (int)XFTELL(keyPathFile);
639+
keyFileSz = XFTELL(keyPathFile);
640+
if (keyFileSz < 0) {
641+
wolfCLU_LogError("Unable to Get Size of Key File %s.", keyPath);
642+
ret = BAD_FUNC_ARG;
643+
}
644+
}
645+
if (ret == 0) {
575646
keyBuf = (byte*)XMALLOC(keyFileSz+1, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
576647
if (keyBuf == NULL) {
577648
ret = MEMORY_E;
@@ -721,7 +792,16 @@ int wolfCLU_verify_signature_dilithium(byte* sig, int sigSz, byte* msg,
721792
}
722793

723794
XFSEEK(keyFile, 0, SEEK_END);
724-
keyFileSz = (int)XFTELL(keyFile);
795+
keyFileSz = XFTELL(keyFile);
796+
if (keyFileSz < 0) {
797+
wolfCLU_LogError("Failed to get size of public key FILE.");
798+
XFCLOSE(keyFile);
799+
wc_dilithium_free(key);
800+
#ifdef WOLFSSL_SMALL_STACK
801+
XFREE(key, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
802+
#endif
803+
return BAD_FUNC_ARG;
804+
}
725805
keyBuf = (byte*)XMALLOC(keyFileSz, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
726806
if (keyBuf == NULL) {
727807
wolfCLU_LogError("Failed to malloc key buffer.");
@@ -856,7 +936,14 @@ int wolfCLU_verify_signature_xmss(byte* sig, int sigSz,
856936

857937
if (ret == 0) {
858938
XFSEEK(keyFile, 0, SEEK_END);
859-
keyFileSz = (int)XFTELL(keyFile);
939+
keyFileSz = XFTELL(keyFile);
940+
if (keyFileSz < 0) {
941+
ret = WOLFCLU_FATAL_ERROR;
942+
wolfCLU_LogError("Failed to get size of public key FILE.");
943+
}
944+
}
945+
946+
if (ret == 0) {
860947
keyBuf = (byte*)XMALLOC(keyFileSz, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
861948
if (keyBuf == NULL) {
862949
ret = MEMORY_E;
@@ -1012,7 +1099,14 @@ int wolfCLU_verify_signature_xmssmt(byte* sig, int sigSz,
10121099

10131100
if (ret == 0) {
10141101
XFSEEK(keyFile, 0, SEEK_END);
1015-
keyFileSz = (int)XFTELL(keyFile);
1102+
keyFileSz = XFTELL(keyFile);
1103+
if (keyFileSz < 0) {
1104+
ret = WOLFCLU_FATAL_ERROR;
1105+
wolfCLU_LogError("Failed to get size of public key FILE.");
1106+
}
1107+
}
1108+
1109+
if (ret == 0) {
10161110
keyBuf = (byte*)XMALLOC(keyFileSz, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
10171111
if (keyBuf == NULL) {
10181112
ret = MEMORY_E;

src/sign-verify/clu_x509_verify.c

Lines changed: 22 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -155,10 +155,28 @@ int wolfCLU_x509Verify(int argc, char** argv)
155155
}
156156
}
157157

158-
cert = load_cert_from_file(verifyCert);
159-
if (!cert) {
160-
wolfCLU_LogError("Failed to load cert: %s\n", verifyCert);
161-
ret = WOLFCLU_FATAL_ERROR;
158+
159+
if (partialChain == 0) {
160+
if( optarg != NULL && XSTRCMP(optarg, argv[argc-1]) == 0) {
161+
wolfCLU_LogError("Malformed arguments last argument read as value for "
162+
"%s", argv[argc-2]);
163+
ret = WOLFCLU_FATAL_ERROR;
164+
}
165+
}
166+
else {
167+
if( optarg != NULL && XSTRCMP(optarg, argv[argc-1]) == 0 &&
168+
(caCert == NULL || XSTRCMP(caCert, argv[argc-1]) != 0)) {
169+
wolfCLU_LogError("Malformed arguments last argument read as value for "
170+
"%s", argv[argc-2]);
171+
ret = WOLFCLU_FATAL_ERROR;
172+
}
173+
}
174+
if (ret == WOLFCLU_SUCCESS) {
175+
cert = load_cert_from_file(verifyCert);
176+
if (!cert) {
177+
wolfCLU_LogError("Failed to load cert: %s\n", verifyCert);
178+
ret = WOLFCLU_FATAL_ERROR;
179+
}
162180
}
163181

164182
if (ret == WOLFCLU_SUCCESS && intermCert) {

0 commit comments

Comments
 (0)