More PKCS#7 bounds checks

Frauschi · Frauschi · commit 40e7753c9c37 · 2026-04-17T15:12:29.000+02:00
diff --git a/wolfcrypt/src/pkcs7.c b/wolfcrypt/src/pkcs7.c
@@ -7035,6 +7035,9 @@ static int PKCS7_VerifySignedData(wc_PKCS7* pkcs7, const byte* hashBuf,
 
                     idx += (word32)length;
                 }
+                else if (ret == 0) {
+                    ret = ASN_PARSE_E;
+                }
 
                 pkcs7->content = content;
                 pkcs7->contentSz = (word32)contentSz;
@@ -9615,7 +9618,7 @@ static int wc_PKCS7_PwriKek_KeyUnWrap(wc_PKCS7* pkcs7, const byte* kek,
     cekLen = outTmp[0];
 
     /* verify length */
-    fail |= ctMaskGT(cekLen, (int)inSz);
+    fail |= ctMaskGT(cekLen, (int)inSz - 4);
     /* verify check bytes */
     fail |= ctMaskNotEq((int)(outTmp[1] ^ outTmp[4]), 0xFF);
     fail |= ctMaskNotEq((int)(outTmp[2] ^ outTmp[5]), 0xFF);
@@ -11922,7 +11925,9 @@ static int wc_PKCS7_DecryptKekri(wc_PKCS7* pkcs7, byte* in, word32 inSz,
                         &datePtr, &dateFormat, &dateLen) != 0) {
                     return ASN_PARSE_E;
                 }
-                *idx += (word32)(dateLen + 1);
+                /* datePtr points to the start of the date value
+                 * within pkiMsg; advance past the full TLV. */
+                *idx = (word32)(datePtr - pkiMsg) + (word32)dateLen;
             }
 
             if (*idx > pkiMsgSz) {
@@ -13091,6 +13096,14 @@ int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* in,
                 ret = ASN_PARSE_E;
             }
 
+        #ifdef NO_PKCS7_STREAM
+            if (ret == 0 && encryptedContentTotalSz > (int)(pkiMsgSz - idx)) {
+                /* In non-streaming mode, ensure the content fits in the buffer.
+                 * Streaming mode handles this via AddDataToStream. */
+                ret = BUFFER_E;
+            }
+        #endif
+
             if (ret != 0)
                 break;
 
@@ -15344,6 +15357,12 @@ int wc_PKCS7_DecodeEncryptedData(wc_PKCS7* pkcs7, byte* in, word32 inSz,
                         pkiMsgSz, NO_USER_CHECK) <= 0)
                 ret = ASN_PARSE_E;
 
+#ifdef NO_PKCS7_STREAM
+            if (ret == 0 && encryptedContentSz > (int)(pkiMsgSz - idx)) {
+                ret = BUFFER_E;
+            }
+#endif
+
             if (ret < 0)
                 break;
 #ifndef NO_PKCS7_STREAM
@@ -15381,7 +15400,8 @@ int wc_PKCS7_DecodeEncryptedData(wc_PKCS7* pkcs7, byte* in, word32 inSz,
             version    = (int)pkcs7->stream->vers;
             tmpIv      = pkcs7->stream->tmpIv;
 #endif
-            if (encryptedContentSz <= 0) {
+            if (encryptedContentSz <= 0 ||
+                    encryptedContentSz > (int)(pkiMsgSz - idx)) {
                 ret = BUFFER_E;
                 break;
             }
